Windows Firewall lässt sich nicht starten Fehler 0x8007042c

J3T · 28.07.2015, 02:30

Die Windows Firewall zeigt immer die Fehlermeldung mit dem Code 0x8007042c an. Egal ob ich die Firewall starten möchte, Ausnahmen hinzufügen möchte etc.
Außerdem können einige Schutzkomponenten von Kaspersky nicht mehr gestartet werden (mail-,web- und IM- Anti-Virus sowie Anti Banner).
Zusätzlich wird meine WLAN Verbindung in der Taskleiste mit dem Status "Nicht verbunden - Es sind Verbindungen verfügbar." angezeigt, obwohl das WLAN funktioniert und ich auch ganz normal ins Internet gehen kann.
Der Kaspersky Viren Scan konnte kein Virus finden.

Vielen Dank schon einmal im Voraus für jegliche Hilfe!

schrauber · 28.07.2015, 06:36

Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

J3T · 28.07.2015, 11:58

Danke erst einmal für die Antwort

Okay dann teile ich die Logs noch ein mal auf, hatte sie bloß gezipt weil sie zu lang waren

FRST:

FRST Logfile:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:26-07-2015
durchgeführt von Jonas (Administrator) auf JONAS-PC (28-07-2015 02:45:46)
Gestartet von C:\Users\Jonas\Desktop
Geladene Profile: Jonas (Verfügbare Profile: Jonas & Julia & DefaultAppPool)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\SysWOW64\Rezip.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesApp64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Users\Jonas\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Spotify Ltd) C:\Users\Jonas\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Jonas\Desktop\FRST64 (1).exe


==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2074408 2010-02-26] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-29] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe [210216 2010-01-11] (CyberLink Corp.)
HKLM-x32\...\Run: [NortonOnlineBackup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1112920 2010-03-05] (Symantec Corporation)
HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [58656 2011-04-20] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-04-03] (DivX, LLC)
HKU\S-1-5-21-2917951037-2729683539-371938882-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-2917951037-2729683539-371938882-1001\...\Run: [Amazon Music] => C:\Users\Jonas\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] ()
HKU\S-1-5-21-2917951037-2729683539-371938882-1001\...\Run: [icq] => C:\Users\Jonas\AppData\Roaming\ICQM\icq.exe [36705800 2015-01-23] (ICQ)
HKU\S-1-5-21-2917951037-2729683539-371938882-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-2917951037-2729683539-371938882-1001\...\Run: [Spotify Web Helper] => C:\Users\Jonas\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017848 2015-07-24] (Spotify Ltd)
HKU\S-1-5-21-2917951037-2729683539-371938882-1001\...\Run: [Spotify] => C:\Users\Jonas\AppData\Roaming\Spotify\Spotify.exe [7574584 2015-07-24] (Spotify Ltd)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2014-12-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2014-12-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2014-12-19] (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ATTENTION

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-2917951037-2729683539-371938882-1001\Software\Microsoft\Internet Explorer\Main,Search Page = www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2917951037-2729683539-371938882-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2917951037-2729683539-371938882-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/
HKU\S-1-5-21-2917951037-2729683539-371938882-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
SearchScopes: HKLM-x32 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091
SearchScopes: HKU\S-1-5-21-2917951037-2729683539-371938882-1001 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN_deDE411
SearchScopes: HKU\S-1-5-21-2917951037-2729683539-371938882-1001 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=086D5CAC4C6773D7&affID=119820&tt=040713_ctrl&tsp=4934
SearchScopes: HKU\S-1-5-21-2917951037-2729683539-371938882-1001 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN_deDE411
SearchScopes: HKU\S-1-5-21-2917951037-2729683539-371938882-1001 -> {9BDFD2F3-C0B9-4087-8413-B32C6DE0EAFF} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-2917951037-2729683539-371938882-1001 -> {AC129BF9-68BF-4bc4-A1DC-ECB62712FF99} URL = hxxp://search.kikin.com/search/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2917951037-2729683539-371938882-1001 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2014-12-19] (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2014-12-19] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2014-12-19] (Microsoft Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2015-03-01] (DVDVideoSoft Ltd.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2014-12-19] (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-09-26] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)
BHO-x32: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL [2014-12-19] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2014-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-09-26] (Oracle Corporation)
BHO-x32: kikin Plugin -> {E601996F-E400-41CA-804B-CD6373A7EEE2} -> C:\Program Files (x86)\kikin\ie_kikin.dll [2010-11-23] (kikin)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2015-03-01] (DVDVideoSoft Ltd.)
Toolbar: HKU\S-1-5-21-2917951037-2729683539-371938882-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2014-12-18] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2014-12-19] (Microsoft Corporation)
Hosts: Hosts Datei wurde nicht im Standardordner gefunden
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{85756C3D-F775-4D58-BAB3-ED1219199D92}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{D2C2A8AD-0813-4195-8EBC-EF4AAE2F45FA}: [NameServer] 8.8.4.4,8.8.8.8
Tcpip\..\Interfaces\{D8FE0184-4F0C-4D1C-83FA-2A727FA7F4EF}: [DhcpNameServer] 192.168.42.129

FireFox:
========
FF ProfilePath: C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default
FF DefaultSearchUrl: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2856453&SearchSource=3&q={searchTerms}
FF Homepage: google.de|hxxp://www.giga.de/androidnews/
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-14] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-12-18] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-04-18] (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-09-26] (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-04-19] ()
FF Plugin-x32: @kaspersky.com/online_banking_08806E753BE44495B44E90AA2513BDC5 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-04-19] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-04-19] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-12-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2014-12-19] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-06-28] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2917951037-2729683539-371938882-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jonas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-08-27] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\user.js [2015-04-27]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-07-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-07-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-07-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-07-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-07-05] (Apple Inc.)
FF SearchPlugin: C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\searchplugins\11-suche.xml [2012-02-08]
FF SearchPlugin: C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\searchplugins\babylon.xml [2013-07-05]
FF SearchPlugin: C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\searchplugins\conduit.xml [2011-01-11]
FF SearchPlugin: C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\searchplugins\delta.xml [2013-07-05]
FF SearchPlugin: C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\searchplugins\englische-ergebnisse.xml [2012-02-08]
FF SearchPlugin: C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\searchplugins\gmx-suche.xml [2012-02-08]
FF SearchPlugin: C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\searchplugins\kikin-search.xml [2011-01-28]
FF SearchPlugin: C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\searchplugins\lastminute.xml [2012-02-08]
FF SearchPlugin: C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\searchplugins\webde-suche.xml [2012-02-08]
FF Extension: Conduit Engine  - C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\Extensions\engine@conduit.com [2011-03-30]
FF Extension: Vuze Remote  - C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\Extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} [2015-02-04]
FF Extension: FDislike - C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\Extensions\fbdislike@doweb.fr.xpi [2012-04-03]
FF Extension: FireJump - C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\Extensions\firejump@firejump.net.xpi [2012-02-07]
FF Extension: ProxTube - C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\Extensions\ich@maltegoetz.de.xpi [2015-03-18]
FF Extension: Torntv - C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\Extensions\torntv@torntv.com.xpi [2012-11-09]
FF Extension: Stylish - C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2011-08-09]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-25]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-03-12]
FF Extension: Video DownloadHelper - C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-18]
FF Extension: Adblock Plus - C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-03-30]
FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2012-12-12]
FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2012-12-12]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-12-12]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_663BE84DBCC949E88C7600F63CA7F098@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-04-19]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_07402848C2F6470194F131B0F3DE025E@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-04-19]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_08806E753BE44495B44E90AA2513BDC5@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-04-19]

Chrome: 
=======
CHR Profile: C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-02-11]
CHR Extension: (YouTube) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-11]
CHR Extension: (Facebook) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2014-02-11]
CHR Extension: (Black & white theme) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmohofkmppcgglcmlccpbokkkefigipi [2015-04-02]
CHR Extension: (AdBlock) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-02-11]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-11]
CHR Extension: (ProxPrice) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nopgehbobniifpngnhmljfojnkkopbje [2014-05-16]
CHR Extension: (My Chrome Theme) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2014-02-11]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [jbpkiefagocgkmemidfngdkamloieekf] - C:\Program Files (x86)\TornTV.com\torn10.crx [Not Found]

==================== Services (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 AVP15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe [194000 2015-06-23] (Kaspersky Lab ZAO)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2015-01-02] ()
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-03] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [Datei ist nicht signiert]
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22768 2014-04-17] (Microsoft Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2782552 2010-03-05] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [Datei ist nicht signiert]
R2 Rezip; C:\windows\SysWOW64\Rezip.exe [311296 2009-03-05] () [Datei ist nicht signiert]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [Datei ist nicht signiert]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2028864 2011-12-13] (TuneUp Software)
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87736 2014-04-30] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [247016 2015-06-23] (Kaspersky Lab UK Ltd)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-07-06] (DT Soft Ltd)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-24] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [64368 2015-06-24] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [159960 2015-06-23] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [225976 2015-07-03] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [850608 2015-06-23] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39280 2015-06-24] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [40304 2015-06-23] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [39280 2015-06-23] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [24944 2015-06-24] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-24] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [85360 2015-06-24] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [190648 2015-06-24] (Kaspersky Lab ZAO)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 PVUSB; C:\Windows\System32\DRIVERS\CESG64.sys [63808 2007-02-19] (CASIO COMPUTER CO.,LTD.)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2010-08-11] (Windows (R) 2003 DDK 3790 provider)
R3 TotRec8; C:\windows\system32\drivers\TotRec8.sys [122960 2011-07-08] (High Criteria inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [11856 2010-11-29] (TuneUp Software)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [Datei ist nicht signiert]
S3 utmyntm5; C:\windows\SysWOW64\Drivers\utmyntm5.sys [7168 2015-04-24] () [Datei ist nicht signiert]
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
S3 EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys [X]
U4 wlcrasvc; "C:\Program Files\Windows Live\Mesh\wlcrasvc.exe"
S3 X6va010; \??\C:\windows\SysWOW64\Drivers\X6va010 [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-07-28 02:44 - 2015-07-28 02:45 - 00064193 _____ C:\Users\Jonas\Desktop\Addition.txt
2015-07-28 02:44 - 2015-07-28 02:45 - 00033413 _____ C:\Users\Jonas\Desktop\FRST.txt
2015-07-28 02:43 - 2015-07-28 02:45 - 00000000 ____D C:\FRST
2015-07-28 02:41 - 2015-07-28 02:42 - 02146816 _____ (Farbar) C:\Users\Jonas\Desktop\FRST64 (1).exe
2015-07-28 02:37 - 2015-07-28 02:37 - 00000542 _____ C:\Users\Jonas\Desktop\defogger_disable.log
2015-07-28 02:37 - 2015-07-28 02:37 - 00000168 _____ C:\Users\Jonas\defogger_reenable
2015-07-28 02:35 - 2015-07-28 02:35 - 00050477 _____ C:\Users\Jonas\Desktop\Defogger.exe
2015-07-28 02:16 - 2015-07-28 02:16 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Jonas\Downloads\tdsskiller.exe
2015-07-28 01:45 - 2015-07-28 01:45 - 00000756 _____ C:\Users\Jonas\Downloads\OCE_Network_Diagnostic.zip
2015-07-26 21:32 - 2015-07-27 17:53 - 00000224 _____ C:\windows\setupact.log
2015-07-26 21:32 - 2015-07-26 21:32 - 00000000 _____ C:\windows\setuperr.log
2015-07-25 14:11 - 2015-07-25 14:12 - 06609608 _____ (Piriform Ltd) C:\Users\Jonas\Downloads\ccsetup508.exe
2015-07-25 13:51 - 2015-07-25 13:52 - 01010176 _____ C:\Users\Jonas\Downloads\MicrosoftFixit50884.msi
2015-07-25 13:28 - 2015-07-25 13:30 - 174160152 _____ (Microsoft Corporation) C:\Users\Jonas\Downloads\msert.exe
2015-07-21 19:44 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2015-07-21 19:44 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-07-21 19:44 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2015-07-21 19:44 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2015-07-21 19:44 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2015-07-21 19:44 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2015-07-21 19:44 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2015-07-21 19:44 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2015-07-21 19:44 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-07-21 19:44 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2015-07-15 14:10 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-07-15 14:10 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-07-15 14:10 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-07-15 14:10 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-07-15 14:10 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-07-15 14:10 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-07-15 14:10 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-07-15 14:10 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-07-15 14:10 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-07-15 14:10 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-07-15 14:10 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-07-15 14:10 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-07-15 14:10 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-07-15 14:10 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-07-15 14:10 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2015-07-15 14:10 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-07-15 14:10 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\windows\system32\cewmdm.dll
2015-07-15 14:10 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\windows\SysWOW64\cewmdm.dll
2015-07-15 14:09 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-07-15 14:09 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-07-15 14:09 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-07-15 14:09 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-07-15 14:09 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-07-15 14:09 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-07-15 14:09 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-07-15 14:09 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-07-15 14:09 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-07-15 14:09 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-07-15 14:09 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-07-15 14:09 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-07-15 14:09 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-07-15 14:09 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-07-15 14:09 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-07-15 14:09 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-07-15 14:09 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-07-15 14:09 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2015-07-15 14:09 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2015-07-15 14:09 - 2015-06-09 20:03 - 03180544 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2015-07-15 14:09 - 2015-06-09 20:03 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2015-07-15 14:07 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-07-15 14:07 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-07-15 14:07 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-07-15 14:07 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-07-15 14:07 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-07-15 14:07 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-07-15 14:07 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-07-15 14:07 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-07-15 14:07 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-07-15 14:07 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-07-15 14:07 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-07-15 14:07 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-07-15 14:07 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-07-15 14:07 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-07-15 14:07 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-07-15 14:07 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 14:07 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-07-15 14:07 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-07-15 14:07 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-07-15 14:07 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-07-15 14:07 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-07-15 14:07 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-07-15 14:07 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-07-15 14:07 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-07-15 14:07 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-07-15 14:07 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-07-15 14:07 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-07-15 14:07 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-07-15 14:07 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-07-15 14:07 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-07-15 14:07 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-07-15 14:07 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-07-15 14:07 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-07-15 14:07 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-07-15 14:07 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-07-15 14:07 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 14:07 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-07-15 14:07 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-07-15 14:07 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-07-15 14:07 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-07-15 14:07 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-07-15 14:07 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-07-15 14:07 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-07-15 14:07 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-07-15 14:07 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-07-15 14:07 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2015-07-15 14:07 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2015-07-15 14:07 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2015-07-15 14:07 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2015-07-15 14:07 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2015-07-15 14:07 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2015-07-15 14:07 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2015-07-15 14:06 - 2015-07-09 19:59 - 00017856 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2015-07-15 14:06 - 2015-07-09 19:58 - 01085440 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-07-15 14:06 - 2015-07-09 19:58 - 00765440 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-07-15 14:06 - 2015-07-09 19:58 - 00726528 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-07-15 14:06 - 2015-07-09 19:58 - 00433664 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-07-15 14:06 - 2015-07-09 19:58 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-07-15 14:06 - 2015-07-09 19:58 - 00067584 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-07-15 14:06 - 2015-07-09 19:50 - 01145856 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-07-15 14:06 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2015-07-15 14:06 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2015-07-15 14:06 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-07-15 14:06 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-07-15 14:06 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-07-15 14:06 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2015-07-15 14:06 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-07-15 14:06 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-07-15 14:06 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-07-15 14:06 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-07-15 14:06 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-07-15 14:06 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-07-15 14:06 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-07-15 14:06 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-07-15 14:06 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-07-15 14:06 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2015-07-15 14:06 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-07-15 14:06 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-07-15 14:06 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-07-15 14:06 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-07-15 14:06 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-07-15 14:06 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-07-15 14:06 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-07-15 14:06 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-07-15 14:06 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-07-15 14:06 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-07-15 14:06 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-07-15 14:06 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-07-15 14:06 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2015-07-15 14:06 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-07-15 14:06 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-07-15 14:06 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2015-07-15 14:06 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-07-15 14:06 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-07-15 14:06 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-07-15 14:06 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-07-15 14:06 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-07-15 14:06 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2015-07-15 14:06 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2015-07-15 14:06 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2015-07-15 14:06 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2015-07-15 14:06 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2015-07-15 14:06 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2015-07-15 14:06 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2015-07-15 14:06 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2015-07-15 14:06 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
2015-07-15 14:06 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2015-07-15 14:06 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2015-07-15 14:06 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2015-07-15 14:06 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
2015-07-15 14:06 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\msimsg.dll
2015-07-15 14:06 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msimsg.dll
2015-07-15 14:06 - 2015-06-11 19:57 - 06131200 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2015-07-15 14:06 - 2015-06-11 19:57 - 00856064 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll
2015-07-15 14:06 - 2015-06-11 19:57 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2015-07-15 14:06 - 2015-06-11 19:56 - 07077376 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2015-07-15 14:06 - 2015-06-11 19:56 - 01057792 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2015-07-15 14:06 - 2015-06-11 19:56 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2015-07-15 14:06 - 2015-06-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2015-07-14 00:30 - 2015-07-14 00:31 - 06565736 _____ (Piriform Ltd) C:\Users\Jonas\Downloads\ccsetup507.exe
2015-07-07 13:21 - 2015-07-07 13:24 - 00000000 ____D C:\Users\Jonas\AppData\Roaming\HTC
2015-07-07 13:20 - 2015-07-25 13:59 - 00000000 ____D C:\Users\Jonas\AppData\Local\HTC MediaHub
2015-07-07 13:20 - 2015-07-07 13:21 - 00000000 ____D C:\Users\Jonas\Documents\HTC
2015-07-07 13:20 - 2015-07-07 13:20 - 00000000 ____D C:\Users\Jonas\.android
2015-07-07 13:19 - 2015-07-07 13:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
2015-07-07 13:19 - 2015-07-07 13:19 - 00000000 ____D C:\Program Files (x86)\Spirent Communications
2015-07-07 13:17 - 2015-07-07 13:19 - 00000000 ____D C:\Program Files (x86)\HTC
2015-07-07 13:17 - 2015-07-07 13:17 - 00000000 ____D C:\ProgramData\HTC
2015-07-05 19:09 - 2015-07-05 19:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-05 19:09 - 2015-07-05 19:09 - 00000000 ____D C:\Program Files\iTunes
2015-07-05 19:09 - 2015-07-05 19:09 - 00000000 ____D C:\Program Files\iPod
2015-07-05 19:09 - 2015-07-05 19:09 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-07-05 19:00 - 2015-07-05 19:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-07-05 19:00 - 2015-07-05 19:00 - 00000000 ____D C:\Program Files (x86)\QuickTime
2015-07-01 00:44 - 2015-07-01 00:45 - 01198368 _____ C:\Users\Jonas\Downloads\Fast IP Changer - CHIP-Installer.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-07-28 02:43 - 2009-07-14 06:45 - 00022752 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-28 02:43 - 2009-07-14 06:45 - 00022752 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-28 02:37 - 2010-12-24 21:43 - 00000000 ____D C:\Users\Jonas
2015-07-28 02:36 - 2010-07-12 11:03 - 01359500 _____ C:\windows\WindowsUpdate.log
2015-07-28 02:18 - 2010-07-13 03:33 - 00770282 _____ C:\windows\system32\perfh007.dat
2015-07-28 02:18 - 2010-07-13 03:33 - 00174568 _____ C:\windows\system32\perfc007.dat
2015-07-28 02:18 - 2009-07-14 07:13 - 01797760 _____ C:\windows\system32\PerfStringBackup.INI
2015-07-28 02:16 - 2010-12-24 22:52 - 00001110 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-28 02:16 - 2010-12-24 22:52 - 00001106 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-28 02:14 - 2015-06-27 13:00 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-07-27 22:54 - 2015-05-22 02:43 - 00000000 ____D C:\Users\Jonas\AppData\Roaming\Spotify
2015-07-27 22:54 - 2015-05-22 02:43 - 00000000 ____D C:\Users\Jonas\AppData\Local\Spotify
2015-07-25 14:12 - 2013-11-17 01:37 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-07-25 14:12 - 2013-11-17 01:37 - 00000000 ____D C:\Program Files\CCleaner
2015-07-25 13:57 - 2015-02-22 15:31 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-07-25 13:55 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-07-23 12:06 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache
2015-07-23 01:35 - 2013-11-17 01:40 - 00001666 _____ C:\Users\Jonas\Documents\cc_20131117_004025.reg
2015-07-22 13:20 - 2009-07-14 06:45 - 00558672 _____ C:\windows\system32\FNTCACHE.DAT
2015-07-16 04:21 - 2015-04-09 00:55 - 00000000 ___SD C:\windows\SysWOW64\GWX
2015-07-16 04:21 - 2015-04-09 00:55 - 00000000 ___SD C:\windows\system32\GWX
2015-07-16 04:21 - 2014-12-11 23:04 - 00000000 ____D C:\windows\system32\appraiser
2015-07-16 04:21 - 2014-05-06 18:49 - 00000000 ___SD C:\windows\system32\CompatTel
2015-07-16 04:21 - 2009-07-14 05:20 - 00000000 ____D C:\windows\PolicyDefinitions
2015-07-16 04:19 - 2010-12-25 00:01 - 00000000 ____D C:\Users\Jonas\AppData\Roaming\Skype
2015-07-16 03:11 - 2013-08-14 22:03 - 00000000 ____D C:\windows\system32\MRT
2015-07-16 02:11 - 2010-12-24 22:52 - 00004106 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-16 02:11 - 2010-12-24 22:52 - 00003854 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-16 00:46 - 2010-07-12 11:18 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-16 00:46 - 2010-07-12 11:17 - 00000000 ____D C:\ProgramData\Skype
2015-07-15 17:40 - 2014-04-28 16:49 - 00000000 ____D C:\Users\Jonas\Desktop\Musik_Mashups und Co
2015-07-14 20:15 - 2015-06-27 13:00 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-07-14 20:15 - 2012-04-16 12:49 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-07-14 20:15 - 2011-05-16 16:32 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-14 00:01 - 2014-09-21 20:19 - 00000000 ____D C:\Users\Jonas\Desktop\FHW
2015-07-11 03:25 - 2011-01-05 21:49 - 00003788 _____ C:\windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2015-07-10 16:25 - 2013-11-22 18:12 - 00000000 ___RD C:\Users\Jonas\Dropbox
2015-07-10 15:04 - 2013-11-22 18:10 - 00000000 ____D C:\Users\Jonas\AppData\Roaming\Dropbox
2015-07-10 04:31 - 2014-06-26 22:52 - 00032768 _____ C:\windows\system32\persistent_q.db-shm
2015-07-10 04:31 - 2014-06-26 22:52 - 00003072 _____ C:\windows\system32\persistent_q.db
2015-07-07 17:27 - 2013-04-29 16:27 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-07 13:20 - 2011-01-07 13:54 - 00000000 ____D C:\Users\Jonas\AppData\Roaming\Apple Computer
2015-07-07 13:20 - 2011-01-07 13:54 - 00000000 ____D C:\Users\Jonas\AppData\Local\Apple Computer
2015-07-07 13:20 - 2010-12-24 21:50 - 00168280 _____ C:\Users\Jonas\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-07 13:18 - 2011-08-23 16:46 - 00000000 ____D C:\Users\Jonas\AppData\Local\Downloaded Installations
2015-07-07 13:17 - 2013-04-02 13:35 - 00000000 ____D C:\temp
2015-07-06 21:31 - 2011-01-28 20:50 - 00000000 ___RD C:\Users\Jonas\Desktop\Sonstiges
2015-07-06 21:29 - 2012-07-16 22:56 - 00000000 ____D C:\Users\Jonas\Desktop\Bilder
2015-07-05 19:09 - 2014-01-28 18:05 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-07-05 19:08 - 2015-04-10 12:58 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-07-05 02:35 - 2012-10-21 15:47 - 00000000 ____D C:\Users\Jonas\AppData\Roaming\vlc
2015-07-03 12:58 - 2014-10-22 21:13 - 00225976 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klhk.sys
2015-07-03 08:43 - 2010-12-27 23:08 - 130333168 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2006-12-11 19:13 - 2006-12-11 19:13 - 0097336 _____ (Un4seen Developments) C:\Users\Jonas\AppData\Local\bass.dll
2006-12-11 19:13 - 2006-12-11 19:13 - 0013872 _____ (Un4seen Developments) C:\Users\Jonas\AppData\Local\basscd.dll
2007-08-13 17:46 - 2007-08-13 17:46 - 0102912 _____ (Albert L Faber) C:\Users\Jonas\AppData\Local\CDRip.dll
2011-04-17 20:21 - 2013-10-23 18:49 - 0006656 _____ () C:\Users\Jonas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2007-08-13 17:46 - 2007-08-13 17:46 - 0155136 _____ () C:\Users\Jonas\AppData\Local\lame_enc.dll
2007-01-18 21:09 - 2007-01-18 21:09 - 0623616 _____ (Ivan Bischof ©2003 - 2005) C:\Users\Jonas\AppData\Local\No23 Recorder.exe
2005-08-23 22:34 - 2005-08-23 22:34 - 0029184 _____ () C:\Users\Jonas\AppData\Local\no23xwrapper.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 0015872 _____ () C:\Users\Jonas\AppData\Local\ogg.dll
2011-07-25 12:23 - 2015-06-21 19:38 - 0001483 _____ () C:\Users\Jonas\AppData\Local\RecConfig.xml
2006-10-26 01:06 - 2006-10-26 01:06 - 0143872 _____ () C:\Users\Jonas\AppData\Local\vorbis.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 0064000 _____ () C:\Users\Jonas\AppData\Local\vorbisenc.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 0019456 _____ () C:\Users\Jonas\AppData\Local\vorbisfile.dll
2012-02-21 19:42 - 2012-02-21 19:42 - 0017408 _____ () C:\Users\Jonas\AppData\Local\WebpageIcons.db
2010-12-24 21:45 - 2010-01-16 08:15 - 0131368 _____ () C:\ProgramData\FullRemove.exe
2010-07-12 11:14 - 2010-07-12 11:14 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2010-07-12 11:12 - 2010-07-12 11:13 - 0000106 _____ () C:\ProgramData\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}.log
2010-07-12 11:08 - 2010-07-12 11:09 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-07-12 11:13 - 2010-07-12 11:13 - 0000110 _____ () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log
2010-07-12 11:07 - 2010-07-12 11:08 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2010-07-12 11:09 - 2010-07-12 11:12 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log

==================== Bamital & volsnap Check =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\System32\winlogon.exe => Datei ist digital signiert
C:\Windows\System32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\System32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\System32\services.exe => Datei ist digital signiert
C:\Windows\System32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\System32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\System32\rpcss.dll => Datei ist digital signiert
C:\Windows\System32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-07-23 02:06

==================== Ende von log ============================

--- --- ---

J3T · 28.07.2015, 11:59

ADDITION:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:26-07-2015
durchgeführt von Jonas an 2015-07-28 02:46:24
Gestartet von C:\Users\Jonas\Desktop
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2917951037-2729683539-371938882-500 - Administrator - Disabled)
Gast (S-1-5-21-2917951037-2729683539-371938882-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2917951037-2729683539-371938882-1002 - Limited - Enabled)
Jonas (S-1-5-21-2917951037-2729683539-371938882-1001 - Administrator - Enabled) => C:\Users\Jonas
Julia (S-1-5-21-2917951037-2729683539-371938882-1007 - Limited - Enabled) => C:\Users\Julia

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 3.2.0 - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-2917951037-2729683539-371938882-1001\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
Atheros Client Installation Program (HKLM-x32\...\{D1434266-0486-4469-B338-A60082CC04E1}) (Version: 1.0.2.1119 - Atheros)
AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
BatteryLifeExtender (HKLM-x32\...\{3F41D0D3-BF0B-4C87-B14A-38365F50732B}) (Version: 1.0.4 - Samsung)
Battle Realms WOTW Expansion (HKLM-x32\...\{88D489A4-D954-414F-9F49-117EFB372951}) (Version: 0.20.000 - Liquid Entertainment)
Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 DEU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.44 - Broadcom Corporation)
Build Tools - amd64 (Version: 12.0.30501 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.30501 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Bundled software uninstaller (HKLM-x32\...\bi_uninstaller) (Version:  - ) <==== ATTENTION
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
ChargeableUSB (HKLM-x32\...\{92D50865-FC60-4EA8-BA7A-5581B0D13EFB}) (Version: 1.0.0.0 - SAMSUNG)
ClassPad OS Update (Single License) (HKLM-x32\...\{FEF2CDCC-8ECE-4B65-AAD9-BD42E654A78B}) (Version: 1.00.0000 - CASIO COMPUTER CO., LTD.)
Complemento do Microsoft Report Viewer para Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden
Complemento Microsoft Report Viewer para Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden
Compon. agg. Microsoft Report Viewer per Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden
Counter-Strike (HKLM-x32\...\Steam App 10) (Version:  - Valve)
Counter-Strike: Condition Zero (HKLM-x32\...\Steam App 80) (Version:  - Valve)
Counter-Strike: Condition Zero Deleted Scenes (HKLM-x32\...\Steam App 100) (Version:  - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
CyberLink Blu-ray Disc Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3226 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3911 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd)
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Desktop Icon für Amazon (HKLM\...\DesktopIconAmazon) (Version: 1.0.1 (de) - )
Devenv-Ressourcen für Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.22 - DivX, LLC)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Dropbox (HKU\S-1-5-21-2917951037-2729683539-371938882-1001\...\Dropbox) (Version: 3.0.4 - Dropbox, Inc.)
Duel of Champions (HKLM-x32\...\MMDoC-PDCLive) (Version:  - Ubisoft)
Easy Content Share (HKLM-x32\...\{2DDC70C1-C77A-4D08-89D2-9AB648504533}) (Version: 1.0.0.13 - Samsung Electronics Co., LTD)
Easy Display Manager (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.1 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM-x32\...\{F771F1D4-EDD4-4D68-82DC-811583C099CD}) (Version: 4.3.1 - Samsung)
Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 2.1.0.11 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (HKLM-x32\...\{4A331D24-A9E8-484F-835E-1BA7B139689C}) (Version: 4.0.0.4 - Samsung)
EasyFileShare (HKLM-x32\...\{C4582EED-A3FB-4358-8F3F-8C994460DF28}) (Version: 1.0.3 - Samsung)
Entity Framework 6.1.0 Tools  for Visual Studio 2013 (HKLM-x32\...\{D4635FB4-434D-4663-A4C8-CFC00FA9D24E}) (Version: 12.0.30228.0 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{3FF082A7-A5DE-4BDA-B56A-1D2BEFD617A3}) (Version: 11.1.3000.0 - Microsoft Corporation)
FireJump 1.0 (HKLM-x32\...\{D85FFE92-BF14-4E9B-BCCD-E5C16069E65F}_is1) (Version:  - )
Free Audio CD Burner version 1.4.7 (HKLM-x32\...\Free Audio CD Burner_is1) (Version:  - DVDVideoSoft Limited.)
Free YouTube to MP3 Converter version 3.12.56.301 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.56.301 - DVDVideoSoft Ltd.)
GIMP 2.6.10 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.107 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
GS Auto Clicker (HKLM-x32\...\GS Auto Clicker_is1) (Version: V3.1.2 - goldensoft.org)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.16.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.46.0 - HTC)
HyperCam 3 (HKLM-x32\...\HyperCam 3) (Version: 3.1.1104.5 - Solveig Multimedia)
ICQ 7.7 Build #6547 Banner Remover 1.0 (HKLM-x32\...\{0A35B15C-9CCD-4C0C-BD5B-34ABF8C95813}_is1) (Version:  - murb.com)
ICQ 8.3 (build 7317) (HKU\S-1-5-21-2917951037-2729683539-371938882-1001\...\ICQ) (Version: 8.3.7317.0 - ICQ)
ICQ7M (HKLM-x32\...\{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}) (Version: 7.8 - ICQ)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.3.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
Internet-TV für Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
iTunes (HKLM\...\{4046F74A-28F8-48C6-A5D3-2AFC472574C1}) (Version: 12.2.0.145 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.710 - Oracle)
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{02FECEE0-16B2-43DB-BC3B-C844477FC142}) (Version: 15.0.2.361 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.2.361 - Kaspersky Lab) Hidden
kikin plugin 2.8 (HKLM-x32\...\{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA}) (Version: 2.8 - kikin)
Language Pack (DEU) für freigegebene Windows Azure-Komponenten für Microsoft Visual Studio 2013 - v1.1 (x32 Version: 1.1.20410.1601 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for de-de Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
LOLReplay (HKLM-x32\...\LOLReplay) (Version: 0.8.1.4 - www.leaguereplays.com)
MAGIX Music Maker Silver (HKLM-x32\...\MAGIX_MSI_mm17_silver) (Version: 17.0.2.10 - MAGIX AG)
MAGIX Music Maker Silver (x32 Version: 17.0.2.10 - MAGIX AG) Hidden
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.22.3.3 - Marvell)
Memory Profiler (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK - DEU (HKLM-x32\...\{F351AA2C-723C-4CFE-A7CB-8E43AB164F7F}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{D4E30517-FE6F-491E-942F-AE10E1B18F38}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{B4EDAE03-DB34-4DD0-BA7E-2ED80DEA50B1}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{269A8DF6-BBDA-441F-932B-233F9B746D72}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{EC75BD20-F9CA-4E77-825F-ABD77E95BE91}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{0BF65908-D137-4A9E-B7C9-78F32F74F6FD}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{93945D16-4C3D-433E-B7E4-3D0D86B284C8}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{6F173435-3F19-4043-BA3D-A46AA8472859}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL-Sprachdienst  (HKLM-x32\...\{1D812D86-D8EF-41AC-A518-BA12E1913747}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (12.0.30919.1) (HKLM-x32\...\{7CC03C58-3471-43D2-A251-EC9AE225E772}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (HKLM-x32\...\{BCB8A870-2B3D-4CC0-87D6-F931E065AC0C}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{D434E072-F482-4F52-AB97-7B19DD5DAEB5}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{485F4AC6-F79E-4482-A0D2-EDF0CCE1E124}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3bcf8c72-b231-4d28-9f39-3405c22d8b5a}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Premium 2013 (HKLM-x32\...\{f8edda21-2644-4bcb-a7a0-5a5956ae2f48}) (Version: 12.0.30501 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{43341417-7882-4F34-8390-53DFD00F6C0F}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{24440413-490E-41CA-BD33-0B30FD3EBE3A}) (Version: 11.1.3366.16 - Microsoft Corporation)
Mirror's Edge™ (HKLM-x32\...\{A99CE45B-E8DB-4F8B-B95E-B900BA3822D4}) (Version: 1.0.1.0 - Electronic Arts)
MobileMe Control Panel (HKLM\...\{3C5E60F1-0821-4B07-97EA-84EB5A927CF6}) (Version: 3.1.6.0 - Apple Inc.)
Module Microsoft Report Viewer pour Visual Studio*2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden
Mozilla Firefox 36.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 de)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.13580 - Symantec Corporation)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
Program-Link FA-CP1 (Single License) (HKLM-x32\...\{53FB84B2-23CC-47BE-903F-EC1841459509}) (Version: 1.0.3.0 - CASIO COMPUTER CO., LTD.)
Python Tools - Umleitungsvorlage (x32 Version: 1.1 - Microsoft Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Software (HKLM-x32\...\{0F796312-289C-40CA-856C-9FBCF5E83342}) (Version: 0133.09.1202 - REALTEK Semiconductor Corp.)
Samsung Recovery Solution 4 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 4.0.0.6 - Samsung)
Samsung Support Center (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.0.2 - Samsung)
Samsung Update Plus (HKLM-x32\...\{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}) (Version: 2.0 - Samsung Electronics Co., Ltd.)
Sandlot Games Client Services 1.2.2 (HKLM-x32\...\Sandlot Games Client Services 1.2.2_is1) (Version:  - Sandlot Games)
Secure Download Manager (HKLM-x32\...\{C58626D6-7EBD-460D-8B6C-75B3C3464879}) (Version: 3.1.60 - Kivuto Solutions Inc.)
SharePoint Client Components (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
SharePoint Client Components (Version: 16.0.2617.1200 - Microsoft Corporation) Hidden
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
simfy (HKLM-x32\...\Simfy) (Version: 1.7.7 - simfy AG)
simfy (x32 Version: 1.7.7 - simfy AG) Hidden
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
Sony Ericsson Update Engine (HKLM-x32\...\Update Engine) (Version: 2.12.9.24 - Sony Ericsson Communications AB)
Sony PC Companion 2.10.136 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.136 - Sony)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKU\S-1-5-21-2917951037-2729683539-371938882-1001\...\Spotify) (Version: 1.0.10.107.gd0dfca3a - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.10.0 - Synaptics Incorporated)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Total Recorder 8.3 Professional Edition (HKLM-x32\...\TotalRecorder) (Version:  - )
TuneUp Utilities 2011 (HKLM-x32\...\TuneUp Utilities 2011) (Version: 10.0.4600.4 - TuneUp Software)
TuneUp Utilities 2011 (x32 Version: 10.0.4600.4 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 10.0.4600.4 - TuneUp Software) Hidden
TypeScript Power Tool (x32 Version: 1.0.1.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.1.0 - Microsoft Corporation) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.6 - Intel)
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version:  - )
Unity Web Player (HKU\S-1-5-21-2917951037-2729683539-371938882-1001\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VirtualDJ Home FREE (HKLM-x32\...\{77C2D5D4-ADC5-49F9-B36E-5992FCF35EA3}) (Version: 7.4.1 - Atomix Productions)
Visual Studio 2013 Update 2 (KB2829760) (HKLM-x32\...\{3c348532-c3bd-4bae-a928-7b555f8c808f}) (Version: 12.0.30501 - Microsoft Corporation)
VLC media player 2.0.2 (HKLM-x32\...\VLC media player) (Version: 2.0.2 - VideoLAN)
VS Update core components (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
WCF Data Services 5.6.0 DEU Language Pack (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 DEU Language Pack (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Resource Kit Tools - SubInAcl.exe (HKLM-x32\...\{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}) (Version: 5.2.3790.1164 - Microsoft Corporation)
Workflow Manager Client 1.0 (Version: 2.0.40131.0 - Microsoft Corporation) Hidden
Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.40326.0 - Microsoft Corporation) Hidden
XMedia Recode 3.0.8.1 (HKLM-x32\...\XMedia Recode) (Version: 3.0.8.1 - Sebastian Dörfler)
XMedia Recode Version 3.2.1.3 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.2.1.3 - XMedia Recode)
Надстройка Microsoft Report Viewer для Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden
用于 Visual Studio 2013 的 Microsoft 报告查看器加载项 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2917951037-2729683539-371938882-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jonas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2917951037-2729683539-371938882-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2917951037-2729683539-371938882-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2917951037-2729683539-371938882-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2917951037-2729683539-371938882-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2917951037-2729683539-371938882-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2917951037-2729683539-371938882-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2917951037-2729683539-371938882-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2917951037-2729683539-371938882-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {1856E2AD-4F70-43DF-BAF8-C7458D69E06A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {293BC792-6E17-4567-A1DF-7208EDCAFE4C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-12-19] (Microsoft Corporation)
Task: {425BB0B1-3E9E-4B02-AE12-30B498791B21} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2010-03-29] (SAMSUNG Electronics co., LTD.)
Task: {4F0DCD56-FD67-4D44-AD82-9C1FFFF40D00} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-28] (Google Inc.)
Task: {57E8F59C-17B8-4C3C-B8D8-B2D59017042D} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2011 => C:\Program Files (x86)\TuneUp Utilities 2011\OneClick.exe [2011-12-13] (TuneUp Software)
Task: {65CA35AE-4AF6-4E29-BD64-9F6FA8853B0C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {68643E8E-7F81-4CF9-9CA2-5AC0F312CAB3} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2917951037-2729683539-371938882-1001Core => C:\Users\Jonas\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-02] (Facebook Inc.)
Task: {7534047F-F00B-48EB-BBB0-93DFA5CEE5AB} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2010-05-06] (SAMSUNG Electronics)
Task: {7A2999BF-4C31-4F1C-B77E-57C46EE55EF4} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-05-06] (Samsung Electronics. Co. Ltd.)
Task: {7B1129C9-2127-4EE0-8F0B-C8FF3C38562A} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe
Task: {7CA87F49-CA8A-41F2-A27E-B222451C52AC} - System32\Tasks\advSRS4 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2010-01-19] (SEC)
Task: {8F54B5E9-F17C-4825-BE6D-3F207E84D817} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2917951037-2729683539-371938882-1001UA => C:\Users\Jonas\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-02] (Facebook Inc.)
Task: {94C62F8C-822D-4C1A-9E10-A749225D8789} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-28] (Google Inc.)
Task: {A1CA039F-A08A-4672-8F72-0AC49B33CEBD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-12-19] (Microsoft Corporation)
Task: {A95E2678-0F62-4E95-BB2B-F4DA5AF06AB5} - System32\Tasks\{EFBB8190-578A-4CBB-83B4-0E55B2296C05} => Chrome.exe 
Task: {AFB51684-1E79-4479-9556-2BAF2FB9C40A} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14] (Adobe Systems Incorporated)
Task: {B536D208-68CA-470A-BF11-1F387AA7F475} - System32\Tasks\{BED9949B-0B2C-41F0-8551-ECB9D414B61E} => Chrome.exe 
Task: {B9810AA1-A6D6-4A30-B20A-14F1A5B15F1E} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-09-26] (Oracle Corporation)
Task: {B9E91D60-451C-4ACB-9EB9-1300CEB2B883} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2010-04-07] (Samsung Electronics Co., Ltd.)
Task: {C717A156-617E-4D5E-BC37-65F36628A3AC} - System32\Tasks\{E7B66FE0-4B77-4745-88F4-2B85C267364D} => pcalua.exe -a C:\Users\Jonas\Downloads\Multi-Plugin.exe -d C:\Users\Jonas\Downloads
Task: {CB909413-2EE3-4695-9AE5-71F2AA1C880D} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager2.exe [2010-05-06] (Samsung Electronics)
Task: {DC3154B9-69DC-4B0E-AC27-36DB96858103} - System32\Tasks\Divx-Online-Aktualisierungsprogramm => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2014-01-10] ()
Task: {F15309B2-7639-45C9-B19D-23E2BFD0BF84} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {FE8E5EDE-AE2C-4A97-BA7E-1701BE8AFA2A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-12-19] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2917951037-2729683539-371938882-1001Core.job => C:\Users\Jonas\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2917951037-2729683539-371938882-1001UA.job => C:\Users\Jonas\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-02-25 19:07 - 2015-02-04 04:21 - 00115400 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-12-18 23:14 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-10-17 15:27 - 2013-10-17 15:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2010-07-12 11:03 - 2009-03-05 11:54 - 00311296 _____ () C:\windows\SysWOW64\Rezip.exe
2015-04-13 15:55 - 2015-04-13 15:55 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
2014-12-14 18:20 - 2014-12-08 08:27 - 06277952 _____ () C:\Users\Jonas\AppData\Local\Amazon Music\Amazon Music Helper.exe
2015-07-17 19:34 - 2015-07-17 19:34 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-01-10 07:26 - 2014-01-10 07:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2015-04-13 15:54 - 2015-04-13 15:54 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2015-04-13 15:54 - 2015-04-13 15:54 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2015-04-13 15:54 - 2015-04-13 15:54 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2015-04-13 15:54 - 2015-04-13 15:54 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2015-04-13 15:54 - 2015-04-13 15:54 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2015-04-13 15:55 - 2015-04-13 15:55 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2015-04-13 15:57 - 2015-04-13 15:57 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2010-07-12 11:16 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll
2014-01-10 07:28 - 2014-01-10 07:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2015-07-24 21:05 - 2015-07-24 00:39 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.107\libglesv2.dll
2015-07-24 21:05 - 2015-07-24 00:39 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.107\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:E36F5B57

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer trusted/restricted ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2917951037-2729683539-371938882-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jonas\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.4.4 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
MpsSvc Firewall Dienst läuft nicht.
bfe Firewall Dienst läuft nicht.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{447C86D1-0796-4BA3-8DA9-43F4B313DC90}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0304C89D-231A-42EB-AB51-6D22DCA0343C}] => (Allow) svchost.exe
FirewallRules: [{D0C722D7-12BE-45EA-8FAF-4A12DBAE2AAE}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{69E69EA8-7985-44BA-83A7-5E103731442C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{048D726E-966C-4D0D-9C81-E832B6105C83}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{47EFBCAD-3E69-4E87-A7B4-38D506BB3EA3}] => (Allow) LPort=2869
FirewallRules: [{0BC88300-ED39-4EBC-948D-7DA3B1B72E68}] => (Allow) LPort=1900
FirewallRules: [{710D1331-BEB2-4075-8BC5-5E4483786B77}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{CE0075AD-D88D-48E2-8DE6-76CA449D0C00}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B6AD1B53-6259-49D0-8F88-B7BDC255CE6F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5FB7C17F-D4B0-4E5F-A30B-684570671A51}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{1D5556F4-D71F-4EA8-B3C1-31A547C794A0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{FC86CEBA-5E80-4F5A-BDCB-13DB1FC81FCE}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe
FirewallRules: [{4E9BB820-18D6-42EC-8C68-812841B5B364}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe
FirewallRules: [{0E8C95C2-E598-498E-A132-E1BCFAF64F5E}] => (Allow) C:\Program Files (x86)\ICQ7M\ICQ.exe
FirewallRules: [{67E821FE-0FFF-41A6-A814-5DCC2EF944E8}] => (Allow) C:\Program Files (x86)\ICQ7M\ICQ.exe
FirewallRules: [{3C56C770-1B90-4C81-B08F-6C901714CBC0}] => (Allow) C:\Program Files (x86)\ICQ7M\ICQ.exe
FirewallRules: [{C0A9F708-65F1-4F9B-B001-BC05196307E1}] => (Allow) C:\Program Files (x86)\ICQ7M\ICQ.exe
FirewallRules: [TCP Query User{0499657D-0A07-4DA7-A399-FC87893CA1B1}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe
FirewallRules: [UDP Query User{A9103A78-2182-48FB-B359-286A644B72A2}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe
FirewallRules: [{FDFE7B0A-36CA-492D-88DB-C28B94AF579F}] => (Block) C:\program files (x86)\utorrent\utorrent.exe
FirewallRules: [{78941A43-4EDB-4E03-B58C-F3586237011A}] => (Block) C:\program files (x86)\utorrent\utorrent.exe
FirewallRules: [TCP Query User{D3AA7174-FB4E-484D-BCA6-C10F2A0D2599}C:\program files (x86)\liquid entertainment\battle realms\battle_realms_f.exe] => (Allow) C:\program files (x86)\liquid entertainment\battle realms\battle_realms_f.exe
FirewallRules: [UDP Query User{1E1A1D19-A6C8-41CE-B264-AF390BADE208}C:\program files (x86)\liquid entertainment\battle realms\battle_realms_f.exe] => (Allow) C:\program files (x86)\liquid entertainment\battle realms\battle_realms_f.exe
FirewallRules: [{FED12E47-07A6-4C02-B026-F1D326658049}] => (Block) C:\program files (x86)\liquid entertainment\battle realms\battle_realms_f.exe
FirewallRules: [{A5900180-720A-46B2-B52D-D9EA6A0AFA38}] => (Block) C:\program files (x86)\liquid entertainment\battle realms\battle_realms_f.exe
FirewallRules: [TCP Query User{DB38F14B-8AD8-4EA6-A4AC-01304D126284}G:\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe] => (Allow) G:\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe
FirewallRules: [UDP Query User{EF7D15E0-38E6-436A-AE1E-B7684C144E5B}G:\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe] => (Allow) G:\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe
FirewallRules: [{92DD1EE0-538B-435C-BE7F-2BFA2439A5C2}] => (Block) G:\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe
FirewallRules: [{3112B358-E462-4270-8078-BFBDF9B239FB}] => (Block) G:\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe
FirewallRules: [TCP Query User{DEE6A000-CDA8-4A88-AFAE-64191EB6BEE8}C:\users\jonas\desktop\sonstiges\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe] => (Allow) C:\users\jonas\desktop\sonstiges\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe
FirewallRules: [UDP Query User{908CB5D3-C070-4FE7-93A9-2B32ABB707F5}C:\users\jonas\desktop\sonstiges\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe] => (Allow) C:\users\jonas\desktop\sonstiges\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe
FirewallRules: [{557B3426-B887-4884-93EF-9D44A4C8F548}] => (Block) C:\users\jonas\desktop\sonstiges\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe
FirewallRules: [{03D9527C-9975-407B-AB32-4CBD2CF257C7}] => (Block) C:\users\jonas\desktop\sonstiges\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe
FirewallRules: [{58931FF1-C94A-422A-8454-E6440190314F}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe
FirewallRules: [{F6AEE05F-1E96-4E10-AEA1-08095963B3EC}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe
FirewallRules: [TCP Query User{7F2AF900-0B27-4851-9446-0871E3C6D66D}C:\program files (x86)\icq7.4\icq.exe] => (Allow) C:\program files (x86)\icq7.4\icq.exe
FirewallRules: [UDP Query User{2F87F47D-FE1F-4887-A093-32B445337DEF}C:\program files (x86)\icq7.4\icq.exe] => (Allow) C:\program files (x86)\icq7.4\icq.exe
FirewallRules: [{0811BA79-4E93-42B0-872B-248D1AE20273}] => (Block) C:\program files (x86)\icq7.4\icq.exe
FirewallRules: [{62EB2082-F649-4428-BA4B-87A8FBA7BF59}] => (Block) C:\program files (x86)\icq7.4\icq.exe
FirewallRules: [TCP Query User{6272C022-815B-4109-8B5E-96C91513C181}C:\program files (x86)\icq7m\icq.exe] => (Block) C:\program files (x86)\icq7m\icq.exe
FirewallRules: [UDP Query User{13307EF6-12E3-4FE8-8AE8-F59A107CE4E7}C:\program files (x86)\icq7m\icq.exe] => (Block) C:\program files (x86)\icq7m\icq.exe
FirewallRules: [TCP Query User{7B6C5C63-EB47-4C8F-9FFF-8581D05C2AE0}C:\program files (x86)\lolreplay\lolreplay.exe] => (Allow) C:\program files (x86)\lolreplay\lolreplay.exe
FirewallRules: [UDP Query User{CC290CD9-B04F-4F1A-87B2-5247D03AD080}C:\program files (x86)\lolreplay\lolreplay.exe] => (Allow) C:\program files (x86)\lolreplay\lolreplay.exe
FirewallRules: [{7C3E3BFE-6B97-43B3-AED5-E61F50A7A06D}] => (Block) C:\program files (x86)\lolreplay\lolreplay.exe
FirewallRules: [{BA8D40BD-365D-4289-BB5F-35A4F47ECE81}] => (Block) C:\program files (x86)\lolreplay\lolreplay.exe
FirewallRules: [TCP Query User{9F30B820-0B27-4B9B-8E32-8C3142B78718}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{502A0F2A-F3DB-4B7D-B10A-713BA48511F6}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{6D04A1C0-4AC3-4885-8F39-78722FCD8AF1}] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{D81341A5-0876-45BC-A16E-1C0FB1CD036B}] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{1ED05274-0852-4A12-AACF-227ACA864F31}] => (Allow) C:\Users\Jonas\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{98200013-EC7D-4B9F-AF2C-9A95AC66745F}] => (Allow) C:\Users\Jonas\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{620F322A-55A6-4494-AC95-7B63665E691B}] => (Allow) C:\Users\Jonas\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{1CBF1B25-597B-4B4B-B04F-A34B68168BDD}] => (Allow) C:\Users\Jonas\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{E5CB7987-8F2A-4FE4-8BAA-2A098C07EA9C}] => (Allow) C:\Program Files (x86)\Origin Games\Mirrors Edge\Binaries\MirrorsEdge.exe
FirewallRules: [{416BFCB5-8106-4D52-8D79-E68D49DA5FFC}] => (Allow) C:\Program Files (x86)\Origin Games\Mirrors Edge\Binaries\MirrorsEdge.exe
FirewallRules: [{AC60EC34-592E-446D-99E5-6BB4959F814D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{62A11341-A656-4736-BF1A-5144451FC1C9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BD68146F-21F1-4C37-92D2-7C208B62072F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{2EC28781-7020-4D51-B77E-EE20A6E96106}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{EDC3F66D-D64B-441C-9BBA-8DB767BF38FB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{15D76DD4-15C1-4614-85F7-CC6DB98D30F5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B261D3AF-3FB6-45F1-90CC-E81ACFB32F8C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{86882DC1-5597-4A59-B012-156C8219132E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8F36CEB9-A496-4349-BF21-F981DCEF924C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E9B20FAB-AC8D-4D83-A29F-386B7B984E13}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8CB5F19D-D44D-488A-9824-CA1DD7FF7EB5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{D37D4646-54FC-42CD-8DBB-C42CDF7024CB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{C2282FAE-7F3E-42E3-9EB3-5E42615AF155}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E0226398-2D0F-4006-A3A8-374067B38557}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{E5631A07-FDCA-4391-B5D8-1CA243DA2055}C:\users\jonas\appdata\roaming\ubisoft\mmdoc-pdclive\launcher.exe] => (Allow) C:\users\jonas\appdata\roaming\ubisoft\mmdoc-pdclive\launcher.exe
FirewallRules: [UDP Query User{4D5B6ABA-0CF0-4120-933E-E4377ECB2ACA}C:\users\jonas\appdata\roaming\ubisoft\mmdoc-pdclive\launcher.exe] => (Allow) C:\users\jonas\appdata\roaming\ubisoft\mmdoc-pdclive\launcher.exe
FirewallRules: [{58A25AAE-A2C0-4FE0-986E-F9C86255F262}] => (Block) C:\users\jonas\appdata\roaming\ubisoft\mmdoc-pdclive\launcher.exe
FirewallRules: [{11F17DE8-E198-45D7-932F-FF71EA6B0414}] => (Block) C:\users\jonas\appdata\roaming\ubisoft\mmdoc-pdclive\launcher.exe
FirewallRules: [TCP Query User{F5175266-60D7-471C-9E5D-2FFB705D5188}C:\users\jonas\appdata\roaming\ubisoft\mmdoc-pdclive\gamedata\game.exe] => (Allow) C:\users\jonas\appdata\roaming\ubisoft\mmdoc-pdclive\gamedata\game.exe
FirewallRules: [UDP Query User{1B70F48B-AE1A-4091-B418-843D2141A2C2}C:\users\jonas\appdata\roaming\ubisoft\mmdoc-pdclive\gamedata\game.exe] => (Allow) C:\users\jonas\appdata\roaming\ubisoft\mmdoc-pdclive\gamedata\game.exe
FirewallRules: [{F916680C-0910-4523-9BDC-3E2661CF369C}] => (Block) C:\users\jonas\appdata\roaming\ubisoft\mmdoc-pdclive\gamedata\game.exe
FirewallRules: [{B2B77062-06AA-437F-8085-F62356857AC5}] => (Block) C:\users\jonas\appdata\roaming\ubisoft\mmdoc-pdclive\gamedata\game.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: WebCam SCB-1900N
Description: USB-Videogerät
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Konnte Geräte nicht auflisten. Überprüfen Sie den "winmgmt" Dienst oder reparieren Sie den WMI.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/28/2015 02:46:25 AM) (Source: VSS) (EventID: 12292) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
] ist ein Fehler aufgetreten.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 13
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (07/28/2015 02:46:25 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} und dem Namen "SW_PROV" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
]


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 13
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (07/28/2015 02:44:58 AM) (Source: VSS) (EventID: 12292) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
] ist ein Fehler aufgetreten.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 13
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (07/28/2015 02:44:58 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} und dem Namen "SW_PROV" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
]


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 13
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (07/28/2015 02:07:43 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm League of Legends.exe, Version 5.14.0.334 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: fb4

Startzeit: 01d0c8c8ea62b4bb

Endzeit: 66

Anwendungspfad: C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.97\deploy\League of Legends.exe

Berichts-ID:

Error: (07/27/2015 10:53:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2279206

Error: (07/27/2015 10:53:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2279206

Error: (07/27/2015 10:53:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/27/2015 10:15:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8128

Error: (07/27/2015 10:15:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8128


Systemfehler:
=============
Error: (07/28/2015 02:46:06 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1073741288.

Error: (07/28/2015 02:46:06 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%0

Error: (07/28/2015 02:46:05 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1073741288.

Error: (07/28/2015 02:46:05 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1062

Error: (07/28/2015 02:46:05 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%0

Error: (07/28/2015 02:45:53 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1073741288.

Error: (07/28/2015 02:45:53 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1062

Error: (07/28/2015 02:45:53 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%0

Error: (07/28/2015 02:44:00 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1073741288.

Error: (07/28/2015 02:44:00 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%0


Microsoft Office:
=========================
Error: (07/28/2015 02:46:25 AM) (Source: VSS) (EventID: 12292) (User: )
Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 13
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (07/28/2015 02:46:25 AM) (Source: VSS) (EventID: 13) (User: )
Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}SW_PROV0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 13
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (07/28/2015 02:44:58 AM) (Source: VSS) (EventID: 12292) (User: )
Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 13
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (07/28/2015 02:44:58 AM) (Source: VSS) (EventID: 13) (User: )
Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}SW_PROV0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 13
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (07/28/2015 02:07:43 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: League of Legends.exe5.14.0.334fb401d0c8c8ea62b4bb66C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.97\deploy\League of Legends.exe

Error: (07/27/2015 10:53:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2279206

Error: (07/27/2015 10:53:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2279206

Error: (07/27/2015 10:53:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/27/2015 10:15:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8128

Error: (07/27/2015 10:15:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8128


CodeIntegrity Fehler:
===================================
  Date: 2015-02-12 13:14:03.671
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-12 13:14:03.661
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-12 12:55:38.482
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-12 12:55:38.374
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-12 14:42:41.801
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-12 14:42:41.706
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-12 14:34:41.455
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-12 14:34:41.422
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-15 19:26:29.223
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-15 19:26:29.173
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Processor: Intel(R) Core(TM) i5 CPU M 450 @ 2.40GHz
Percentage of memory in use: 65%
Total physical RAM: 3956.55 MB
Available physical RAM: 1360.67 MB
Total Virtual: 7911.31 MB
Available Virtual: 4882.7 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:231 GB) (Free:53.83 GB) NTFS
Drive d: () (Fixed) (Total:345.07 GB) (Free:314.29 GB) NTFS
Drive f: (VS2013_2_PREM_DEU) (CDROM) (Total:5.77 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: 1839B3B7)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=231 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=345.1 GB) - (Type=OF Extended)

==================== Ende von log ============================

J3T · 28.07.2015, 12:00

und Gmer:

Code:

ATTFilter

GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-07-28 03:12:50
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 SAMSUNG_ rev.2AJ1 596,17GB
Running: Gmer-19357.exe; Driver: C:\Users\Jonas\AppData\Local\Temp\kgloypow.sys


---- User code sections - GMER 2.1 ----

.text  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe[1772] C:\windows\SysWOW64\ntdll.dll!NtQueryValueKey               000000007794faf4 5 bytes JMP 0000000172a82e30
.text  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe[1772] C:\windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory        0000000077950084 5 bytes JMP 0000000172a82df0
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 159                         00000000777513ef 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 500                         0000000077751544 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 126                                 00000000777518ce 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!_vsnwprintf_s + 212                                0000000077751ba8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 373                   0000000077751d25 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!isalpha + 31                                       0000000077751e8f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!_strnicmp + 89                                     0000000077751f75 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!RtlImpersonateSelfEx + 680                         0000000077752238 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!RtlInstallFunctionTableCallback + 531              0000000077752683 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!RtlIsGenericTableEmptyAvl + 16                     00000000777526a0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableAvl + 18                   00000000777526c2 8 bytes {JMP 0x10}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 79    000000007775271f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 184   0000000077752788 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                               * 4
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 299           0000000077752b4b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 375           0000000077752b97 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                               * 2
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 523                       000000007775306b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 920                       00000000777531f8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!_itow_s + 318                                      000000007775388e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!_itow_s + 403                                      00000000777538e3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 197          00000000777539b5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!RtlpGetLCIDFromLangInfoNode + 80                   0000000077753f50 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 161                  0000000077754001 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 277                  0000000077754075 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                               * 3
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 214                      00000000777541b6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 276                      00000000777541f4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 609                                0000000077754461 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 284                   000000007775464c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 483                   0000000077754713 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!TpWaitForWait + 231                                0000000077754807 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!TpWaitForWait + 518                                0000000077754926 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                               * 2
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!RtlDeactivateActivationContext + 256               0000000077754a50 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!RtlActivateActivationContext + 67                  0000000077754aa3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!RtlActivateActivationContextEx + 501               0000000077754ca5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!RtlCreateUserThread + 256                          0000000077754ea0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringExW + 247                    0000000077754fa7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringW + 483                      0000000077755193 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!TpReleaseAlpcCompletion + 438                      0000000077755f46 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!EtwEventProviderEnabled + 198                      0000000077756016 8 bytes [70, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!atol + 194                                         000000007775610e 8 bytes [60, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!qsort + 76                                         00000000777562fc 8 bytes [50, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!RtlLookupElementGenericTableFullAvl + 45           000000007775633d 8 bytes [40, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 4               0000000077756354 8 bytes [30, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 92              00000000777563ac 8 bytes [20, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!RtlSubtreePredecessor + 790                        0000000077756b76 8 bytes [10, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!NtSetInformationThread                             000000007779dc80 8 bytes {JMP QWORD [RIP-0x47949]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!NtQueryInformationThread                           000000007779de00 8 bytes {JMP QWORD [RIP-0x47ab2]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!NtMapViewOfSection                                 000000007779de30 8 bytes {JMP QWORD [RIP-0x47e20]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory                               000000007779df50 8 bytes {JMP QWORD [RIP-0x47c5a]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!NtQueueApcThread                                   000000007779e000 8 bytes {JMP QWORD [RIP-0x47ef8]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!NtCreateThreadEx                                   000000007779e630 8 bytes {JMP QWORD [RIP-0x47102]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!NtGetContextThread                                 000000007779e880 8 bytes {JMP QWORD [RIP-0x47d10]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\ntdll.dll!NtSetContextThread                                 000000007779f0e0 8 bytes JMP 3f3f3f3f
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312               00000000751c13cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471               00000000751c146b 8 bytes {JMP 0xffffffffffffffb0}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611                            00000000751c16d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23                         00000000751c19db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23                         00000000751c19fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[944] C:\windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23                   00000000751c1a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 159                        00000000777513ef 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 500                        0000000077751544 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 126                                00000000777518ce 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!_vsnwprintf_s + 212                               0000000077751ba8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 373                  0000000077751d25 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!isalpha + 31                                      0000000077751e8f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!_strnicmp + 89                                    0000000077751f75 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!RtlImpersonateSelfEx + 680                        0000000077752238 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!RtlInstallFunctionTableCallback + 531             0000000077752683 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!RtlIsGenericTableEmptyAvl + 16                    00000000777526a0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableAvl + 18                  00000000777526c2 8 bytes {JMP 0x10}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 79   000000007775271f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 184  0000000077752788 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                               * 4
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 299          0000000077752b4b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 375          0000000077752b97 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                               * 2
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 523                      000000007775306b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 920                      00000000777531f8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!_itow_s + 318                                     000000007775388e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!_itow_s + 403                                     00000000777538e3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 197         00000000777539b5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!RtlpGetLCIDFromLangInfoNode + 80                  0000000077753f50 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 161                 0000000077754001 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 277                 0000000077754075 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                               * 3
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 214                     00000000777541b6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 276                     00000000777541f4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 609                               0000000077754461 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 284                  000000007775464c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 483                  0000000077754713 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!TpWaitForWait + 231                               0000000077754807 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!TpWaitForWait + 518                               0000000077754926 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                               * 2
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!RtlDeactivateActivationContext + 256              0000000077754a50 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!RtlActivateActivationContext + 67                 0000000077754aa3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!RtlActivateActivationContextEx + 501              0000000077754ca5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!RtlCreateUserThread + 256                         0000000077754ea0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringExW + 247                   0000000077754fa7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringW + 483                     0000000077755193 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!TpReleaseAlpcCompletion + 438                     0000000077755f46 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!EtwEventProviderEnabled + 198                     0000000077756016 8 bytes [70, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!atol + 194                                        000000007775610e 8 bytes [60, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!qsort + 76                                        00000000777562fc 8 bytes [50, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!RtlLookupElementGenericTableFullAvl + 45          000000007775633d 8 bytes [40, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 4              0000000077756354 8 bytes [30, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 92             00000000777563ac 8 bytes [20, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!RtlSubtreePredecessor + 790                       0000000077756b76 8 bytes [10, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!NtSetInformationThread                            000000007779dc80 8 bytes {JMP QWORD [RIP-0x47949]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!NtQueryInformationThread                          000000007779de00 8 bytes {JMP QWORD [RIP-0x47ab2]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!NtMapViewOfSection                                000000007779de30 8 bytes {JMP QWORD [RIP-0x47e20]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory                              000000007779df50 8 bytes {JMP QWORD [RIP-0x47c5a]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!NtQueueApcThread                                  000000007779e000 8 bytes {JMP QWORD [RIP-0x47ef8]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!NtCreateThreadEx                                  000000007779e630 8 bytes {JMP QWORD [RIP-0x47102]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!NtGetContextThread                                000000007779e880 8 bytes {JMP QWORD [RIP-0x47d10]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\ntdll.dll!NtSetContextThread                                000000007779f0e0 8 bytes JMP 3f3f3f3f
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312              00000000751c13cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471              00000000751c146b 8 bytes {JMP 0xffffffffffffffb0}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611                           00000000751c16d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23                        00000000751c19db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23                        00000000751c19fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5332] C:\windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23                  00000000751c1a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 159                        00000000777513ef 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 500                        0000000077751544 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 126                                00000000777518ce 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!_vsnwprintf_s + 212                               0000000077751ba8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 373                  0000000077751d25 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!isalpha + 31                                      0000000077751e8f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!_strnicmp + 89                                    0000000077751f75 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!RtlImpersonateSelfEx + 680                        0000000077752238 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!RtlInstallFunctionTableCallback + 531             0000000077752683 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!RtlIsGenericTableEmptyAvl + 16                    00000000777526a0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableAvl + 18                  00000000777526c2 8 bytes {JMP 0x10}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 79   000000007775271f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 184  0000000077752788 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                               * 4
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 299          0000000077752b4b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 375          0000000077752b97 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                               * 2
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 523                      000000007775306b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 920                      00000000777531f8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!_itow_s + 318                                     000000007775388e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!_itow_s + 403                                     00000000777538e3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 197         00000000777539b5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!RtlpGetLCIDFromLangInfoNode + 80                  0000000077753f50 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 161                 0000000077754001 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 277                 0000000077754075 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                               * 3
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 214                     00000000777541b6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 276                     00000000777541f4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 609                               0000000077754461 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 284                  000000007775464c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 483                  0000000077754713 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!TpWaitForWait + 231                               0000000077754807 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!TpWaitForWait + 518                               0000000077754926 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                               * 2
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!RtlDeactivateActivationContext + 256              0000000077754a50 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!RtlActivateActivationContext + 67                 0000000077754aa3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!RtlActivateActivationContextEx + 501              0000000077754ca5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!RtlCreateUserThread + 256                         0000000077754ea0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringExW + 247                   0000000077754fa7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringW + 483                     0000000077755193 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!TpReleaseAlpcCompletion + 438                     0000000077755f46 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!EtwEventProviderEnabled + 198                     0000000077756016 8 bytes [70, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!atol + 194                                        000000007775610e 8 bytes [60, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!qsort + 76                                        00000000777562fc 8 bytes [50, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!RtlLookupElementGenericTableFullAvl + 45          000000007775633d 8 bytes [40, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 4              0000000077756354 8 bytes [30, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 92             00000000777563ac 8 bytes [20, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!RtlSubtreePredecessor + 790                       0000000077756b76 8 bytes [10, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!NtSetInformationThread                            000000007779dc80 8 bytes {JMP QWORD [RIP-0x47949]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!NtQueryInformationThread                          000000007779de00 8 bytes {JMP QWORD [RIP-0x47ab2]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!NtMapViewOfSection                                000000007779de30 8 bytes {JMP QWORD [RIP-0x47e20]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory                              000000007779df50 8 bytes {JMP QWORD [RIP-0x47c5a]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!NtQueueApcThread                                  000000007779e000 8 bytes {JMP QWORD [RIP-0x47ef8]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!NtCreateThreadEx                                  000000007779e630 8 bytes {JMP QWORD [RIP-0x47102]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!NtGetContextThread                                000000007779e880 8 bytes {JMP QWORD [RIP-0x47d10]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\ntdll.dll!NtSetContextThread                                000000007779f0e0 8 bytes JMP 3f3f3f3f
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312              00000000751c13cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471              00000000751c146b 8 bytes {JMP 0xffffffffffffffb0}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611                           00000000751c16d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23                        00000000751c19db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23                        00000000751c19fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5992] C:\windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23                  00000000751c1a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 159                        00000000777513ef 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 500                        0000000077751544 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 126                                00000000777518ce 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!_vsnwprintf_s + 212                               0000000077751ba8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 373                  0000000077751d25 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!isalpha + 31                                      0000000077751e8f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!_strnicmp + 89                                    0000000077751f75 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!RtlImpersonateSelfEx + 680                        0000000077752238 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!RtlInstallFunctionTableCallback + 531             0000000077752683 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!RtlIsGenericTableEmptyAvl + 16                    00000000777526a0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableAvl + 18                  00000000777526c2 8 bytes {JMP 0x10}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 79   000000007775271f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 184  0000000077752788 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                               * 4
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 299          0000000077752b4b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 375          0000000077752b97 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                               * 2
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 523                      000000007775306b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 920                      00000000777531f8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!_itow_s + 318                                     000000007775388e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!_itow_s + 403                                     00000000777538e3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 197         00000000777539b5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!RtlpGetLCIDFromLangInfoNode + 80                  0000000077753f50 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 161                 0000000077754001 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 277                 0000000077754075 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                               * 3
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 214                     00000000777541b6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 276                     00000000777541f4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 609                               0000000077754461 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 284                  000000007775464c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 483                  0000000077754713 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!TpWaitForWait + 231                               0000000077754807 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!TpWaitForWait + 518                               0000000077754926 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                               * 2
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!RtlDeactivateActivationContext + 256              0000000077754a50 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!RtlActivateActivationContext + 67                 0000000077754aa3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!RtlActivateActivationContextEx + 501              0000000077754ca5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!RtlCreateUserThread + 256                         0000000077754ea0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringExW + 247                   0000000077754fa7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringW + 483                     0000000077755193 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!TpReleaseAlpcCompletion + 438                     0000000077755f46 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!EtwEventProviderEnabled + 198                     0000000077756016 8 bytes [70, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!atol + 194                                        000000007775610e 8 bytes [60, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!qsort + 76                                        00000000777562fc 8 bytes [50, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!RtlLookupElementGenericTableFullAvl + 45          000000007775633d 8 bytes [40, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 4              0000000077756354 8 bytes [30, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 92             00000000777563ac 8 bytes [20, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!RtlSubtreePredecessor + 790                       0000000077756b76 8 bytes [10, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!NtSetInformationThread                            000000007779dc80 8 bytes {JMP QWORD [RIP-0x47949]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!NtQueryInformationThread                          000000007779de00 8 bytes {JMP QWORD [RIP-0x47ab2]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!NtMapViewOfSection                                000000007779de30 8 bytes {JMP QWORD [RIP-0x47e20]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory                              000000007779df50 8 bytes {JMP QWORD [RIP-0x47c5a]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!NtQueueApcThread                                  000000007779e000 8 bytes {JMP QWORD [RIP-0x47ef8]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!NtCreateThreadEx                                  000000007779e630 8 bytes {JMP QWORD [RIP-0x47102]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!NtGetContextThread                                000000007779e880 8 bytes {JMP QWORD [RIP-0x47d10]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\ntdll.dll!NtSetContextThread                                000000007779f0e0 8 bytes JMP 3f3f3f3f
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312              00000000751c13cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471              00000000751c146b 8 bytes {JMP 0xffffffffffffffb0}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611                           00000000751c16d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23                        00000000751c19db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23                        00000000751c19fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5712] C:\windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23                  00000000751c1a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 159                        00000000777513ef 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 500                        0000000077751544 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 126                                00000000777518ce 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!_vsnwprintf_s + 212                               0000000077751ba8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 373                  0000000077751d25 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!isalpha + 31                                      0000000077751e8f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!_strnicmp + 89                                    0000000077751f75 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!RtlImpersonateSelfEx + 680                        0000000077752238 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!RtlInstallFunctionTableCallback + 531             0000000077752683 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!RtlIsGenericTableEmptyAvl + 16                    00000000777526a0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableAvl + 18                  00000000777526c2 8 bytes {JMP 0x10}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 79   000000007775271f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 184  0000000077752788 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                               * 4
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 299          0000000077752b4b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 375          0000000077752b97 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                               * 2
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 523                      000000007775306b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 920                      00000000777531f8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!_itow_s + 318                                     000000007775388e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!_itow_s + 403                                     00000000777538e3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 197         00000000777539b5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!RtlpGetLCIDFromLangInfoNode + 80                  0000000077753f50 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 161                 0000000077754001 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 277                 0000000077754075 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                               * 3
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 214                     00000000777541b6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 276                     00000000777541f4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 609                               0000000077754461 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 284                  000000007775464c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 483                  0000000077754713 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!TpWaitForWait + 231                               0000000077754807 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!TpWaitForWait + 518                               0000000077754926 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                               * 2
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!RtlDeactivateActivationContext + 256              0000000077754a50 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!RtlActivateActivationContext + 67                 0000000077754aa3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!RtlActivateActivationContextEx + 501              0000000077754ca5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!RtlCreateUserThread + 256                         0000000077754ea0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringExW + 247                   0000000077754fa7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringW + 483                     0000000077755193 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!TpReleaseAlpcCompletion + 438                     0000000077755f46 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!EtwEventProviderEnabled + 198                     0000000077756016 8 bytes [70, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!atol + 194                                        000000007775610e 8 bytes [60, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!qsort + 76                                        00000000777562fc 8 bytes [50, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!RtlLookupElementGenericTableFullAvl + 45          000000007775633d 8 bytes [40, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 4              0000000077756354 8 bytes [30, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 92             00000000777563ac 8 bytes [20, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!RtlSubtreePredecessor + 790                       0000000077756b76 8 bytes [10, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!NtSetInformationThread                            000000007779dc80 8 bytes {JMP QWORD [RIP-0x47949]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!NtQueryInformationThread                          000000007779de00 8 bytes {JMP QWORD [RIP-0x47ab2]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!NtMapViewOfSection                                000000007779de30 8 bytes {JMP QWORD [RIP-0x47e20]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory                              000000007779df50 8 bytes {JMP QWORD [RIP-0x47c5a]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!NtQueueApcThread                                  000000007779e000 8 bytes {JMP QWORD [RIP-0x47ef8]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!NtCreateThreadEx                                  000000007779e630 8 bytes {JMP QWORD [RIP-0x47102]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!NtGetContextThread                                000000007779e880 8 bytes {JMP QWORD [RIP-0x47d10]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\ntdll.dll!NtSetContextThread                                000000007779f0e0 8 bytes JMP 3f3f3f3f
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312              00000000751c13cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471              00000000751c146b 8 bytes {JMP 0xffffffffffffffb0}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611                           00000000751c16d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23                        00000000751c19db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23                        00000000751c19fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6444] C:\windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23                  00000000751c1a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 159                        00000000777513ef 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 500                        0000000077751544 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 126                                00000000777518ce 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!_vsnwprintf_s + 212                               0000000077751ba8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 373                  0000000077751d25 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!isalpha + 31                                      0000000077751e8f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!_strnicmp + 89                                    0000000077751f75 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!RtlImpersonateSelfEx + 680                        0000000077752238 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!RtlInstallFunctionTableCallback + 531             0000000077752683 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!RtlIsGenericTableEmptyAvl + 16                    00000000777526a0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableAvl + 18                  00000000777526c2 8 bytes {JMP 0x10}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 79   000000007775271f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 184  0000000077752788 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                               * 4
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 299          0000000077752b4b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 375          0000000077752b97 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                               * 2
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 523                      000000007775306b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 920                      00000000777531f8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!_itow_s + 318                                     000000007775388e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!_itow_s + 403                                     00000000777538e3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 197         00000000777539b5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!RtlpGetLCIDFromLangInfoNode + 80                  0000000077753f50 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 161                 0000000077754001 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 277                 0000000077754075 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                               * 3
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 214                     00000000777541b6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 276                     00000000777541f4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 609                               0000000077754461 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 284                  000000007775464c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 483                  0000000077754713 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!TpWaitForWait + 231                               0000000077754807 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!TpWaitForWait + 518                               0000000077754926 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                               * 2
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!RtlDeactivateActivationContext + 256              0000000077754a50 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!RtlActivateActivationContext + 67                 0000000077754aa3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!RtlActivateActivationContextEx + 501              0000000077754ca5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!RtlCreateUserThread + 256                         0000000077754ea0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringExW + 247                   0000000077754fa7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringW + 483                     0000000077755193 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!TpReleaseAlpcCompletion + 438                     0000000077755f46 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!EtwEventProviderEnabled + 198                     0000000077756016 8 bytes [70, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!atol + 194                                        000000007775610e 8 bytes [60, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!qsort + 76                                        00000000777562fc 8 bytes [50, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!RtlLookupElementGenericTableFullAvl + 45          000000007775633d 8 bytes [40, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 4              0000000077756354 8 bytes [30, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 92             00000000777563ac 8 bytes [20, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!RtlSubtreePredecessor + 790                       0000000077756b76 8 bytes [10, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!NtSetInformationThread                            000000007779dc80 8 bytes {JMP QWORD [RIP-0x47949]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!NtQueryInformationThread                          000000007779de00 8 bytes {JMP QWORD [RIP-0x47ab2]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!NtMapViewOfSection                                000000007779de30 8 bytes {JMP QWORD [RIP-0x47e20]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory                              000000007779df50 8 bytes {JMP QWORD [RIP-0x47c5a]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!NtQueueApcThread                                  000000007779e000 8 bytes {JMP QWORD [RIP-0x47ef8]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!NtCreateThreadEx                                  000000007779e630 8 bytes {JMP QWORD [RIP-0x47102]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!NtGetContextThread                                000000007779e880 8 bytes {JMP QWORD [RIP-0x47d10]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\ntdll.dll!NtSetContextThread                                000000007779f0e0 8 bytes JMP 3f3f3f3f
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312              00000000751c13cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471              00000000751c146b 8 bytes {JMP 0xffffffffffffffb0}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611                           00000000751c16d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23                        00000000751c19db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23                        00000000751c19fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6064] C:\windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23                  00000000751c1a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 159                        00000000777513ef 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 500                        0000000077751544 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 126                                00000000777518ce 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!_vsnwprintf_s + 212                               0000000077751ba8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 373                  0000000077751d25 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!isalpha + 31                                      0000000077751e8f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!_strnicmp + 89                                    0000000077751f75 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!RtlImpersonateSelfEx + 680                        0000000077752238 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!RtlInstallFunctionTableCallback + 531             0000000077752683 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!RtlIsGenericTableEmptyAvl + 16                    00000000777526a0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableAvl + 18                  00000000777526c2 8 bytes {JMP 0x10}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 79   000000007775271f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 184  0000000077752788 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                               * 4
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 299          0000000077752b4b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 375          0000000077752b97 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                               * 2
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 523                      000000007775306b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 920                      00000000777531f8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!_itow_s + 318                                     000000007775388e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!_itow_s + 403                                     00000000777538e3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 197         00000000777539b5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!RtlpGetLCIDFromLangInfoNode + 80                  0000000077753f50 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 161                 0000000077754001 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 277                 0000000077754075 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                               * 3
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 214                     00000000777541b6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 276                     00000000777541f4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 609                               0000000077754461 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 284                  000000007775464c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 483                  0000000077754713 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!TpWaitForWait + 231                               0000000077754807 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!TpWaitForWait + 518                               0000000077754926 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                               * 2
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!RtlDeactivateActivationContext + 256              0000000077754a50 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!RtlActivateActivationContext + 67                 0000000077754aa3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!RtlActivateActivationContextEx + 501              0000000077754ca5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!RtlCreateUserThread + 256                         0000000077754ea0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringExW + 247                   0000000077754fa7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringW + 483                     0000000077755193 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!TpReleaseAlpcCompletion + 438                     0000000077755f46 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!EtwEventProviderEnabled + 198                     0000000077756016 8 bytes [70, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!atol + 194                                        000000007775610e 8 bytes [60, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!qsort + 76                                        00000000777562fc 8 bytes [50, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!RtlLookupElementGenericTableFullAvl + 45          000000007775633d 8 bytes [40, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 4              0000000077756354 8 bytes [30, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 92             00000000777563ac 8 bytes [20, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!RtlSubtreePredecessor + 790                       0000000077756b76 8 bytes [10, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!NtSetInformationThread                            000000007779dc80 8 bytes {JMP QWORD [RIP-0x47949]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!NtQueryInformationThread                          000000007779de00 8 bytes {JMP QWORD [RIP-0x47ab2]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!NtMapViewOfSection                                000000007779de30 8 bytes {JMP QWORD [RIP-0x47e20]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory                              000000007779df50 8 bytes {JMP QWORD [RIP-0x47c5a]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!NtQueueApcThread                                  000000007779e000 8 bytes {JMP QWORD [RIP-0x47ef8]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!NtCreateThreadEx                                  000000007779e630 8 bytes {JMP QWORD [RIP-0x47102]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!NtGetContextThread                                000000007779e880 8 bytes {JMP QWORD [RIP-0x47d10]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\ntdll.dll!NtSetContextThread                                000000007779f0e0 8 bytes JMP 3f3f3f3f
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312              00000000751c13cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471              00000000751c146b 8 bytes {JMP 0xffffffffffffffb0}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611                           00000000751c16d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23                        00000000751c19db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23                        00000000751c19fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5828] C:\windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23                  00000000751c1a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 159                        00000000777513ef 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 500                        0000000077751544 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 126                                00000000777518ce 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!_vsnwprintf_s + 212                               0000000077751ba8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 373                  0000000077751d25 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!isalpha + 31                                      0000000077751e8f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!_strnicmp + 89                                    0000000077751f75 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!RtlImpersonateSelfEx + 680                        0000000077752238 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!RtlInstallFunctionTableCallback + 531             0000000077752683 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!RtlIsGenericTableEmptyAvl + 16                    00000000777526a0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableAvl + 18                  00000000777526c2 8 bytes {JMP 0x10}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 79   000000007775271f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 184  0000000077752788 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                               * 4
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 299          0000000077752b4b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 375          0000000077752b97 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                               * 2
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 523                      000000007775306b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 920                      00000000777531f8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!_itow_s + 318                                     000000007775388e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!_itow_s + 403                                     00000000777538e3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 197         00000000777539b5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!RtlpGetLCIDFromLangInfoNode + 80                  0000000077753f50 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 161                 0000000077754001 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 277                 0000000077754075 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                               * 3
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 214                     00000000777541b6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 276                     00000000777541f4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 609                               0000000077754461 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 284                  000000007775464c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 483                  0000000077754713 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!TpWaitForWait + 231                               0000000077754807 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!TpWaitForWait + 518                               0000000077754926 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                               * 2
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!RtlDeactivateActivationContext + 256              0000000077754a50 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!RtlActivateActivationContext + 67                 0000000077754aa3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!RtlActivateActivationContextEx + 501              0000000077754ca5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!RtlCreateUserThread + 256                         0000000077754ea0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringExW + 247                   0000000077754fa7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringW + 483                     0000000077755193 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!TpReleaseAlpcCompletion + 438                     0000000077755f46 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!EtwEventProviderEnabled + 198                     0000000077756016 8 bytes [70, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!atol + 194                                        000000007775610e 8 bytes [60, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!qsort + 76                                        00000000777562fc 8 bytes [50, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!RtlLookupElementGenericTableFullAvl + 45          000000007775633d 8 bytes [40, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 4              0000000077756354 8 bytes [30, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 92             00000000777563ac 8 bytes [20, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!RtlSubtreePredecessor + 790                       0000000077756b76 8 bytes [10, 6C, F8, FF, 00, 00, 00, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!NtSetInformationThread                            000000007779dc80 8 bytes {JMP QWORD [RIP-0x47949]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!NtQueryInformationThread                          000000007779de00 8 bytes {JMP QWORD [RIP-0x47ab2]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!NtMapViewOfSection                                000000007779de30 8 bytes {JMP QWORD [RIP-0x47e20]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory                              000000007779df50 8 bytes {JMP QWORD [RIP-0x47c5a]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!NtQueueApcThread                                  000000007779e000 8 bytes {JMP QWORD [RIP-0x47ef8]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!NtCreateThreadEx                                  000000007779e630 8 bytes {JMP QWORD [RIP-0x47102]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!NtGetContextThread                                000000007779e880 8 bytes {JMP QWORD [RIP-0x47d10]}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\ntdll.dll!NtSetContextThread                                000000007779f0e0 8 bytes JMP 3f3f3f3f
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312              00000000751c13cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471              00000000751c146b 8 bytes {JMP 0xffffffffffffffb0}
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611                           00000000751c16d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23                        00000000751c19db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23                        00000000751c19fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[6680] C:\windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23                  00000000751c1a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 159                                            00000000777513ef 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 500                                            0000000077751544 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 126                                                    00000000777518ce 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!_vsnwprintf_s + 212                                                   0000000077751ba8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 373                                      0000000077751d25 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!isalpha + 31                                                          0000000077751e8f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!_strnicmp + 89                                                        0000000077751f75 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!RtlImpersonateSelfEx + 680                                            0000000077752238 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!RtlInstallFunctionTableCallback + 531                                 0000000077752683 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!RtlIsGenericTableEmptyAvl + 16                                        00000000777526a0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableAvl + 18                                      00000000777526c2 8 bytes {JMP 0x10}
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 79                       000000007775271f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 184                      0000000077752788 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                               * 4
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 299                              0000000077752b4b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 375                              0000000077752b97 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                               * 2
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 523                                          000000007775306b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 920                                          00000000777531f8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!_itow_s + 318                                                         000000007775388e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!_itow_s + 403                                                         00000000777538e3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 197                             00000000777539b5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!RtlpGetLCIDFromLangInfoNode + 80                                      0000000077753f50 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 161                                     0000000077754001 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 277                                     0000000077754075 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                               * 3
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 214                                         00000000777541b6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 276                                         00000000777541f4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 609                                                   0000000077754461 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 284                                      000000007775464c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 483                                      0000000077754713 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!TpWaitForWait + 231                                                   0000000077754807 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!TpWaitForWait + 518                                                   0000000077754926 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  ...                                                                                                                                               * 2
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!RtlDeactivateActivationContext + 256                                  0000000077754a50 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!RtlActivateActivationContext + 67                                     0000000077754aa3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!RtlActivateActivationContextEx + 501                                  0000000077754ca5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!RtlCreateUserThread + 256                                             0000000077754ea0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringExW + 247                                       0000000077754fa7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringW + 483                                         0000000077755193 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!TpReleaseAlpcCompletion + 438                                         0000000077755f46 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!EtwEventProviderEnabled + 198                                         0000000077756016 8 bytes [70, 6C, F8, 7E, 00, 00, 00, ...]
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!atol + 194                                                            000000007775610e 8 bytes [60, 6C, F8, 7E, 00, 00, 00, ...]
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!qsort + 76                                                            00000000777562fc 8 bytes [50, 6C, F8, 7E, 00, 00, 00, ...]
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!RtlLookupElementGenericTableFullAvl + 45                              000000007775633d 8 bytes [40, 6C, F8, 7E, 00, 00, 00, ...]
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 4                                  0000000077756354 8 bytes [30, 6C, F8, 7E, 00, 00, 00, ...]
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 92                                 00000000777563ac 8 bytes [20, 6C, F8, 7E, 00, 00, 00, ...]
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!RtlSubtreePredecessor + 790                                           0000000077756b76 8 bytes [10, 6C, F8, 7E, 00, 00, 00, ...]
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!NtSetInformationThread                                                000000007779dc80 8 bytes {JMP QWORD [RIP-0x47949]}
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!NtQueryInformationThread                                              000000007779de00 8 bytes {JMP QWORD [RIP-0x47ab2]}
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!NtMapViewOfSection                                                    000000007779de30 8 bytes {JMP QWORD [RIP-0x47e20]}
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory                                                  000000007779df50 8 bytes {JMP QWORD [RIP-0x47c5a]}
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!NtQueueApcThread                                                      000000007779e000 8 bytes {JMP QWORD [RIP-0x47ef8]}
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!NtCreateThreadEx                                                      000000007779e630 8 bytes {JMP QWORD [RIP-0x47102]}
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!NtGetContextThread                                                    000000007779e880 8 bytes {JMP QWORD [RIP-0x47d10]}
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\ntdll.dll!NtSetContextThread                                                    000000007779f0e0 8 bytes {JMP QWORD [RIP-0x48d3a]}
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312                                  00000000751c13cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471                                  00000000751c146b 8 bytes {JMP 0xffffffffffffffb0}
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611                                               00000000751c16d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23                                            00000000751c19db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23                                            00000000751c19fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text  C:\Users\Jonas\Downloads\Gmer-19357.exe[5844] C:\windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23                                      00000000751c1a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]

---- Disk sectors - GMER 2.1 ----

Disk   \Device\Harddisk0\DR0                                                                                                                             unknown MBR code

---- EOF - GMER 2.1 ----

schrauber · 29.07.2015, 06:42

Lade Dir bitte von hier

Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.

Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
Klicke auf Optionen und wähle als Sprache Deutsch.
Suche im Uninstallerfeld nach den Programmen:

Bundled software uninstaller
Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

J3T · 29.07.2015, 15:28

mbar:

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.07.29.02
  rootkit: v2015.07.29.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17914
Jonas :: JONAS-PC [administrator]

29.07.2015 13:13:34
mbar-log-2015-07-29 (13-13-34).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 605060
Time elapsed: 59 minute(s), 4 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

TDSS:

Code:

ATTFilter

16:00:37.0675 0x10f0  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
16:00:41.0233 0x10f0  ============================================================
16:00:41.0233 0x10f0  Current date / time: 2015/07/29 16:00:41.0233
16:00:41.0233 0x10f0  SystemInfo:
16:00:41.0233 0x10f0  
16:00:41.0234 0x10f0  OS Version: 6.1.7601 ServicePack: 1.0
16:00:41.0234 0x10f0  Product type: Workstation
16:00:41.0234 0x10f0  ComputerName: JONAS-PC
16:00:41.0234 0x10f0  UserName: Jonas
16:00:41.0234 0x10f0  Windows directory: C:\windows
16:00:41.0234 0x10f0  System windows directory: C:\windows
16:00:41.0234 0x10f0  Running under WOW64
16:00:41.0234 0x10f0  Processor architecture: Intel x64
16:00:41.0234 0x10f0  Number of processors: 4
16:00:41.0234 0x10f0  Page size: 0x1000
16:00:41.0234 0x10f0  Boot type: Normal boot
16:00:41.0234 0x10f0  ============================================================
16:00:41.0639 0x10f0  KLMD registered as C:\windows\system32\drivers\99060211.sys
16:00:43.0671 0x10f0  System UUID: {71DBD438-2E72-DC61-20B7-5E5B45777C05}
16:00:45.0124 0x10f0  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 ( 596.17 Gb ), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:00:45.0128 0x10f0  ============================================================
16:00:45.0128 0x10f0  \Device\Harddisk0\DR0:
16:00:45.0129 0x10f0  MBR partitions:
16:00:45.0129 0x10f0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2800800, BlocksNum 0x32000
16:00:45.0129 0x10f0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2832800, BlocksNum 0x1CE00000
16:00:45.0165 0x10f0  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1F633000, BlocksNum 0x2B224800
16:00:45.0165 0x10f0  ============================================================
16:00:45.0397 0x10f0  C: <-> \Device\Harddisk0\DR0\Partition2
16:00:45.0505 0x10f0  D: <-> \Device\Harddisk0\DR0\Partition3
16:00:45.0595 0x10f0  ============================================================
16:00:45.0596 0x10f0  Initialize success
16:00:45.0596 0x10f0  ============================================================
16:01:11.0377 0x1ed8  ============================================================
16:01:11.0377 0x1ed8  Scan started
16:01:11.0377 0x1ed8  Mode: Manual; SigCheck; TDLFS; 
16:01:11.0377 0x1ed8  ============================================================
16:01:11.0377 0x1ed8  KSN ping started
16:01:14.0141 0x1ed8  KSN ping finished: true
16:01:14.0749 0x1ed8  ================ Scan system memory ========================
16:01:14.0749 0x1ed8  System memory - ok
16:01:14.0750 0x1ed8  ================ Scan services =============================
16:01:14.0910 0x1ed8  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\windows\system32\drivers\1394ohci.sys
16:01:15.0092 0x1ed8  1394ohci - ok
16:01:15.0160 0x1ed8  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\windows\system32\drivers\ACPI.sys
16:01:15.0182 0x1ed8  ACPI - ok
16:01:15.0234 0x1ed8  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\windows\system32\drivers\acpipmi.sys
16:01:15.0342 0x1ed8  AcpiPmi - ok
16:01:15.0504 0x1ed8  [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:01:15.0516 0x1ed8  AdobeARMservice - ok
16:01:15.0684 0x1ed8  [ 9B3355B29942AF67F014EA90CE1EA960, FBB155F72984045BCD99CC2059B9EDAABD3A52104C3864A290D8A355991F94D3 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:01:15.0700 0x1ed8  AdobeFlashPlayerUpdateSvc - ok
16:01:15.0786 0x1ed8  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\windows\system32\DRIVERS\adp94xx.sys
16:01:15.0811 0x1ed8  adp94xx - ok
16:01:15.0854 0x1ed8  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\windows\system32\DRIVERS\adpahci.sys
16:01:15.0874 0x1ed8  adpahci - ok
16:01:15.0904 0x1ed8  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\windows\system32\DRIVERS\adpu320.sys
16:01:15.0920 0x1ed8  adpu320 - ok
16:01:15.0966 0x1ed8  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
16:01:16.0046 0x1ed8  AeLookupSvc - ok
16:01:16.0109 0x1ed8  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\windows\system32\drivers\afd.sys
16:01:16.0223 0x1ed8  AFD - ok
16:01:16.0274 0x1ed8  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\windows\system32\drivers\agp440.sys
16:01:16.0286 0x1ed8  agp440 - ok
16:01:16.0312 0x1ed8  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\windows\System32\alg.exe
16:01:16.0382 0x1ed8  ALG - ok
16:01:16.0453 0x1ed8  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\windows\system32\drivers\aliide.sys
16:01:16.0464 0x1ed8  aliide - ok
16:01:16.0494 0x1ed8  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\windows\system32\drivers\amdide.sys
16:01:16.0505 0x1ed8  amdide - ok
16:01:16.0536 0x1ed8  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\windows\system32\DRIVERS\amdk8.sys
16:01:16.0593 0x1ed8  AmdK8 - ok
16:01:16.0607 0x1ed8  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\windows\system32\DRIVERS\amdppm.sys
16:01:16.0641 0x1ed8  AmdPPM - ok
16:01:16.0701 0x1ed8  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\windows\system32\drivers\amdsata.sys
16:01:16.0715 0x1ed8  amdsata - ok
16:01:16.0736 0x1ed8  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\windows\system32\DRIVERS\amdsbs.sys
16:01:16.0751 0x1ed8  amdsbs - ok
16:01:16.0768 0x1ed8  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\windows\system32\drivers\amdxata.sys
16:01:16.0780 0x1ed8  amdxata - ok
16:01:16.0886 0x1ed8  [ 59D01FA91962C9C1E9B4022B2D3B46DB, 3A111588538B77F010B5C900FB8425DDE55A08DBAC308CA7FB7BD9FCCCDEC69F ] AppHostSvc      C:\windows\system32\inetsrv\apphostsvc.dll
16:01:16.0952 0x1ed8  AppHostSvc - ok
16:01:17.0006 0x1ed8  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\windows\system32\drivers\appid.sys
16:01:17.0074 0x1ed8  AppID - ok
16:01:17.0093 0x1ed8  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\windows\System32\appidsvc.dll
16:01:17.0134 0x1ed8  AppIDSvc - ok
16:01:17.0180 0x1ed8  [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo         C:\windows\System32\appinfo.dll
16:01:17.0242 0x1ed8  Appinfo - ok
16:01:17.0364 0x1ed8  [ 6EB87FDB59AABF6D19C927492DEA0D36, 36168F8CC75D16917A30FA1FACF57659BC2ADF870D20DEE93F851D5348E605BB ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:01:17.0374 0x1ed8  Apple Mobile Device Service - ok
16:01:17.0420 0x1ed8  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\windows\system32\DRIVERS\arc.sys
16:01:17.0434 0x1ed8  arc - ok
16:01:17.0453 0x1ed8  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\windows\system32\DRIVERS\arcsas.sys
16:01:17.0467 0x1ed8  arcsas - ok
16:01:17.0599 0x1ed8  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:01:17.0645 0x1ed8  aspnet_state - ok
16:01:17.0701 0x1ed8  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
16:01:17.0826 0x1ed8  AsyncMac - ok
16:01:17.0884 0x1ed8  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\windows\system32\drivers\atapi.sys
16:01:17.0895 0x1ed8  atapi - ok
16:01:18.0037 0x1ed8  [ 6C496450404ABDC887E56DF462B34255, AF0FF6E8F331DC09F7C3CB85B8E89395A16359483F4485871EDE29C6A7FA1ACD ] athr            C:\windows\system32\DRIVERS\athrx.sys
16:01:18.0164 0x1ed8  athr - ok
16:01:18.0245 0x1ed8  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
16:01:18.0291 0x1ed8  AudioEndpointBuilder - ok
16:01:18.0310 0x1ed8  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\windows\System32\Audiosrv.dll
16:01:18.0338 0x1ed8  AudioSrv - ok
16:01:18.0460 0x1ed8  [ 9C7C876ACB9B707ECD08BD434C46A4D3, 4135E95C0E531854268D2009ACD6F932D8ADC4D31E72D3B942F731C60ECCDF1D ] AVP15.0.2       C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe
16:01:18.0493 0x1ed8  AVP15.0.2 - ok
16:01:18.0543 0x1ed8  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\windows\System32\AxInstSV.dll
16:01:18.0630 0x1ed8  AxInstSV - ok
16:01:18.0672 0x1ed8  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\windows\system32\DRIVERS\bxvbda.sys
16:01:18.0720 0x1ed8  b06bdrv - ok
16:01:18.0762 0x1ed8  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\windows\system32\DRIVERS\b57nd60a.sys
16:01:18.0797 0x1ed8  b57nd60a - ok
16:01:18.0848 0x1ed8  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\windows\System32\bdesvc.dll
16:01:18.0893 0x1ed8  BDESVC - ok
16:01:18.0930 0x1ed8  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\windows\system32\drivers\Beep.sys
16:01:18.0981 0x1ed8  Beep - ok
16:01:19.0096 0x1ed8  [ BE43A13207D6428947248AF7EE05E772, 4118288ECD13B77738070DC298A64732693EEF9679CCFA59FD523CCAACF6335B ] BEService       C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
16:01:19.0119 0x1ed8  BEService - ok
16:01:19.0263 0x1ed8  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\windows\System32\bfe.dll
16:01:19.0326 0x1ed8  BFE - ok
16:01:19.0374 0x1ed8  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\windows\System32\qmgr.dll
16:01:19.0515 0x1ed8  BITS - ok
16:01:19.0560 0x1ed8  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\windows\system32\DRIVERS\blbdrive.sys
16:01:19.0585 0x1ed8  blbdrive - ok
16:01:19.0686 0x1ed8  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:01:19.0704 0x1ed8  Bonjour Service - ok
16:01:19.0756 0x1ed8  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\windows\system32\DRIVERS\bowser.sys
16:01:19.0826 0x1ed8  bowser - ok
16:01:19.0865 0x1ed8  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\windows\system32\DRIVERS\BrFiltLo.sys
16:01:19.0931 0x1ed8  BrFiltLo - ok
16:01:19.0960 0x1ed8  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\windows\system32\DRIVERS\BrFiltUp.sys
16:01:19.0995 0x1ed8  BrFiltUp - ok
16:01:20.0056 0x1ed8  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\windows\System32\browser.dll
16:01:20.0116 0x1ed8  Browser - ok
16:01:20.0137 0x1ed8  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\windows\System32\Drivers\Brserid.sys
16:01:20.0172 0x1ed8  Brserid - ok
16:01:20.0191 0x1ed8  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\windows\System32\Drivers\BrSerWdm.sys
16:01:20.0228 0x1ed8  BrSerWdm - ok
16:01:20.0262 0x1ed8  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\windows\System32\Drivers\BrUsbMdm.sys
16:01:20.0290 0x1ed8  BrUsbMdm - ok
16:01:20.0306 0x1ed8  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\windows\System32\Drivers\BrUsbSer.sys
16:01:20.0338 0x1ed8  BrUsbSer - ok
16:01:20.0391 0x1ed8  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\windows\system32\drivers\BthEnum.sys
16:01:20.0480 0x1ed8  BthEnum - ok
16:01:20.0539 0x1ed8  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\windows\system32\DRIVERS\bthmodem.sys
16:01:20.0567 0x1ed8  BTHMODEM - ok
16:01:20.0601 0x1ed8  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\windows\system32\DRIVERS\bthpan.sys
16:01:20.0646 0x1ed8  BthPan - ok
16:01:20.0715 0x1ed8  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\windows\System32\Drivers\BTHport.sys
16:01:20.0762 0x1ed8  BTHPORT - ok
16:01:20.0815 0x1ed8  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\windows\system32\bthserv.dll
16:01:20.0873 0x1ed8  bthserv - ok
16:01:20.0904 0x1ed8  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\windows\System32\Drivers\BTHUSB.sys
16:01:20.0933 0x1ed8  BTHUSB - ok
16:01:20.0966 0x1ed8  c2wts - ok
16:01:21.0005 0x1ed8  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
16:01:21.0063 0x1ed8  cdfs - ok
16:01:21.0117 0x1ed8  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\windows\system32\DRIVERS\cdrom.sys
16:01:21.0140 0x1ed8  cdrom - ok
16:01:21.0187 0x1ed8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\windows\System32\certprop.dll
16:01:21.0240 0x1ed8  CertPropSvc - ok
16:01:21.0275 0x1ed8  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\windows\system32\DRIVERS\circlass.sys
16:01:21.0299 0x1ed8  circlass - ok
16:01:21.0418 0x1ed8  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\windows\system32\CLFS.sys
16:01:21.0447 0x1ed8  CLFS - ok
16:01:21.0585 0x1ed8  [ 7E526C5B4DD233EBCF1EA3EC211E2913, 9DC99F18454001AF5462C773C174E2D6E503316550C7E9D7824E9CBC503FCA3B ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
16:01:21.0658 0x1ed8  ClickToRunSvc - ok
16:01:21.0728 0x1ed8  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:01:21.0743 0x1ed8  clr_optimization_v2.0.50727_32 - ok
16:01:21.0797 0x1ed8  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:01:21.0812 0x1ed8  clr_optimization_v2.0.50727_64 - ok
16:01:21.0902 0x1ed8  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:01:21.0919 0x1ed8  clr_optimization_v4.0.30319_32 - ok
16:01:21.0970 0x1ed8  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:01:22.0000 0x1ed8  clr_optimization_v4.0.30319_64 - ok
16:01:22.0047 0x1ed8  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\windows\system32\DRIVERS\CmBatt.sys
16:01:22.0068 0x1ed8  CmBatt - ok
16:01:22.0103 0x1ed8  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\windows\system32\drivers\cmdide.sys
16:01:22.0114 0x1ed8  cmdide - ok
16:01:22.0195 0x1ed8  [ 429B31D047CFAD3CA5DD38120A2CE455, 5CC1459CBBBF2E6788635D4C277B116D90AE01DBE7AD561EB41A668F64801E80 ] cm_km_w         C:\windows\system32\DRIVERS\cm_km_w.sys
16:01:22.0213 0x1ed8  cm_km_w - ok
16:01:22.0287 0x1ed8  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\windows\system32\Drivers\cng.sys
16:01:22.0326 0x1ed8  CNG - ok
16:01:22.0354 0x1ed8  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\windows\system32\DRIVERS\compbatt.sys
16:01:22.0372 0x1ed8  Compbatt - ok
16:01:22.0409 0x1ed8  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\windows\system32\drivers\CompositeBus.sys
16:01:22.0438 0x1ed8  CompositeBus - ok
16:01:22.0461 0x1ed8  COMSysApp - ok
16:01:22.0484 0x1ed8  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\windows\system32\DRIVERS\crcdisk.sys
16:01:22.0496 0x1ed8  crcdisk - ok
16:01:22.0563 0x1ed8  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\windows\system32\cryptsvc.dll
16:01:22.0638 0x1ed8  CryptSvc - ok
16:01:22.0699 0x1ed8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\windows\system32\rpcss.dll
16:01:22.0765 0x1ed8  DcomLaunch - ok
16:01:22.0793 0x1ed8  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\windows\System32\defragsvc.dll
16:01:22.0845 0x1ed8  defragsvc - ok
16:01:22.0901 0x1ed8  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\windows\system32\Drivers\dfsc.sys
16:01:22.0949 0x1ed8  DfsC - ok
16:01:23.0227 0x1ed8  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\windows\system32\dhcpcore.dll
16:01:23.0375 0x1ed8  Dhcp - ok
16:01:23.0536 0x1ed8  [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack       C:\windows\system32\diagtrack.dll
16:01:23.0622 0x1ed8  DiagTrack - ok
16:01:23.0666 0x1ed8  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\windows\system32\drivers\discache.sys
16:01:23.0716 0x1ed8  discache - ok
16:01:23.0758 0x1ed8  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\windows\system32\DRIVERS\disk.sys
16:01:23.0771 0x1ed8  Disk - ok
16:01:23.0822 0x1ed8  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\windows\System32\dnsrslvr.dll
16:01:23.0867 0x1ed8  Dnscache - ok
16:01:23.0897 0x1ed8  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\windows\System32\dot3svc.dll
16:01:23.0941 0x1ed8  dot3svc - ok
16:01:23.0966 0x1ed8  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\windows\system32\dps.dll
16:01:24.0024 0x1ed8  DPS - ok
16:01:24.0077 0x1ed8  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
16:01:24.0136 0x1ed8  drmkaud - ok
16:01:24.0210 0x1ed8  [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01     C:\windows\system32\DRIVERS\dtsoftbus01.sys
16:01:24.0227 0x1ed8  dtsoftbus01 - ok
16:01:24.0277 0x1ed8  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
16:01:24.0316 0x1ed8  DXGKrnl - ok
16:01:24.0362 0x1ed8  EagleX64 - ok
16:01:24.0410 0x1ed8  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\windows\System32\eapsvc.dll
16:01:24.0467 0x1ed8  EapHost - ok
16:01:24.0599 0x1ed8  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\windows\system32\DRIVERS\evbda.sys
16:01:24.0718 0x1ed8  ebdrv - ok
16:01:24.0807 0x1ed8  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] EFS             C:\windows\System32\lsass.exe
16:01:24.0856 0x1ed8  EFS - ok
16:01:24.0922 0x1ed8  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\windows\ehome\ehRecvr.exe
16:01:25.0014 0x1ed8  ehRecvr - ok
16:01:25.0039 0x1ed8  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\windows\ehome\ehsched.exe
16:01:25.0095 0x1ed8  ehSched - ok
16:01:25.0177 0x1ed8  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\windows\system32\DRIVERS\elxstor.sys
16:01:25.0203 0x1ed8  elxstor - ok
16:01:25.0224 0x1ed8  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\windows\system32\drivers\errdev.sys
16:01:25.0236 0x1ed8  ErrDev - ok
16:01:25.0284 0x1ed8  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\windows\system32\es.dll
16:01:25.0348 0x1ed8  EventSystem - ok
16:01:25.0415 0x1ed8  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\windows\system32\drivers\exfat.sys
16:01:25.0467 0x1ed8  exfat - ok
16:01:25.0482 0x1ed8  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\windows\system32\drivers\fastfat.sys
16:01:25.0531 0x1ed8  fastfat - ok
16:01:25.0594 0x1ed8  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\windows\system32\fxssvc.exe
16:01:25.0707 0x1ed8  Fax - ok
16:01:25.0728 0x1ed8  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\windows\system32\DRIVERS\fdc.sys
16:01:25.0753 0x1ed8  fdc - ok
16:01:25.0799 0x1ed8  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\windows\system32\fdPHost.dll
16:01:25.0853 0x1ed8  fdPHost - ok
16:01:25.0869 0x1ed8  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\windows\system32\fdrespub.dll
16:01:25.0922 0x1ed8  FDResPub - ok
16:01:25.0949 0x1ed8  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
16:01:25.0962 0x1ed8  FileInfo - ok
16:01:25.0979 0x1ed8  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
16:01:26.0027 0x1ed8  Filetrace - ok
16:01:26.0044 0x1ed8  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\windows\system32\DRIVERS\flpydisk.sys
16:01:26.0068 0x1ed8  flpydisk - ok
16:01:26.0087 0x1ed8  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
16:01:26.0106 0x1ed8  FltMgr - ok
16:01:26.0198 0x1ed8  [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache       C:\windows\system32\FntCache.dll
16:01:26.0284 0x1ed8  FontCache - ok
16:01:26.0331 0x1ed8  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:01:26.0342 0x1ed8  FontCache3.0.0.0 - ok
16:01:26.0364 0x1ed8  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
16:01:26.0377 0x1ed8  FsDepends - ok
16:01:26.0458 0x1ed8  [ 6C06701BF1DB05405804D7EB610991CE, 75DEB2204D9AC338ED7C4742BEFAFA0AFC7E42B2C1B54A57DF8A1AD097D9EC3E ] fssfltr         C:\windows\system32\DRIVERS\fssfltr.sys
16:01:26.0469 0x1ed8  fssfltr - ok
16:01:26.0614 0x1ed8  [ 4CE9DAC1518FF7E77BD213E6394B9D77, D7D0D29DF93AC7DC5F85E385EEB45306C7BD87ACA7AAC5A8D47893D120C32C03 ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
16:01:26.0664 0x1ed8  fsssvc - ok
16:01:26.0712 0x1ed8  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
16:01:26.0723 0x1ed8  Fs_Rec - ok
16:01:26.0830 0x1ed8  [ 38F3CF15321DC2B47C7907EB222B637A, C2CE4F62BD7C93566C36B7290DA3E804FB79A18A18E2544E2B6404B473483D4E ] fussvc          C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe
16:01:26.0852 0x1ed8  fussvc - detected UnsignedFile.Multi.Generic ( 1 )
16:01:29.0711 0x1ed8  Detect skipped due to KSN trusted
16:01:29.0712 0x1ed8  fussvc - ok
16:01:29.0757 0x1ed8  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
16:01:29.0776 0x1ed8  fvevol - ok
16:01:29.0823 0x1ed8  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\windows\system32\DRIVERS\gagp30kx.sys
16:01:29.0837 0x1ed8  gagp30kx - ok
16:01:29.0911 0x1ed8  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\windows\system32\DRIVERS\GEARAspiWDM.sys
16:01:29.0921 0x1ed8  GEARAspiWDM - ok
16:01:29.0974 0x1ed8  [ 16C2A6BCDDA8952C2035DEC861492A19, 9023CD3A2C1009786A48EF7FBCC97ED1724C836279424A4D465CCE1AFA2DBDDA ] ggflt           C:\windows\system32\DRIVERS\ggflt.sys
16:01:29.0983 0x1ed8  ggflt - ok
16:01:30.0037 0x1ed8  [ 6B503DF845EABF3457E49FBBDA26C10E, A1553E3822EDEA26D8E67FCC7F9EA40DFBED49EC92FD5674AAF938F2D58CF964 ] ggsemc          C:\windows\system32\DRIVERS\ggsemc.sys
16:01:30.0046 0x1ed8  ggsemc - ok
16:01:30.0114 0x1ed8  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\windows\System32\gpsvc.dll
16:01:30.0191 0x1ed8  gpsvc - ok
16:01:30.0320 0x1ed8  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:01:30.0333 0x1ed8  gupdate - ok
16:01:30.0401 0x1ed8  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:01:30.0411 0x1ed8  gupdatem - ok
16:01:30.0450 0x1ed8  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi         C:\windows\system32\DRIVERS\hamachi.sys
16:01:30.0460 0x1ed8  hamachi - ok
16:01:30.0485 0x1ed8  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\windows\system32\drivers\hcw85cir.sys
16:01:30.0546 0x1ed8  hcw85cir - ok
16:01:30.0596 0x1ed8  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
16:01:30.0634 0x1ed8  HdAudAddService - ok
16:01:30.0683 0x1ed8  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\windows\system32\drivers\HDAudBus.sys
16:01:30.0708 0x1ed8  HDAudBus - ok
16:01:30.0725 0x1ed8  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\windows\system32\DRIVERS\HidBatt.sys
16:01:30.0754 0x1ed8  HidBatt - ok
16:01:30.0778 0x1ed8  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\windows\system32\DRIVERS\hidbth.sys
16:01:30.0811 0x1ed8  HidBth - ok
16:01:30.0826 0x1ed8  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\windows\system32\DRIVERS\hidir.sys
16:01:30.0855 0x1ed8  HidIr - ok
16:01:30.0884 0x1ed8  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\windows\system32\hidserv.dll
16:01:30.0935 0x1ed8  hidserv - ok
16:01:31.0008 0x1ed8  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\windows\system32\drivers\hidusb.sys
16:01:31.0045 0x1ed8  HidUsb - ok
16:01:31.0094 0x1ed8  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\windows\system32\kmsvc.dll
16:01:31.0148 0x1ed8  hkmsvc - ok
16:01:31.0216 0x1ed8  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll
16:01:31.0274 0x1ed8  HomeGroupListener - ok
16:01:31.0306 0x1ed8  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll
16:01:31.0336 0x1ed8  HomeGroupProvider - ok
16:01:31.0383 0x1ed8  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
16:01:31.0395 0x1ed8  HpSAMD - ok
16:01:31.0515 0x1ed8  [ 5C8BC8A28798FD010E7ABC4E0D588CAA, 622CAFD3DCBB05E15539589FDD4002DA6F24790FC55BDF05AA3D043E8A34E53E ] HTCMonitorService C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
16:01:31.0526 0x1ed8  HTCMonitorService - ok
16:01:31.0568 0x1ed8  [ B8B1B284362E1D8135112573395D5DA5, 97BC6A7B2DCD7CC854B912A85BB2FCF199592E8E16A7C405EAF89B02D5DE4AEE ] htcnprot        C:\windows\system32\DRIVERS\htcnprot.sys
16:01:31.0578 0x1ed8  htcnprot - ok
16:01:31.0633 0x1ed8  [ 7C7C986776D00E575BFBDE5DCBDC615D, 4CF12851A5A45917C3A9139B19D79434F2038611B617F83A714506CC7A1A6C61 ] HtcVCom32       C:\windows\system32\DRIVERS\HtcVComV64.sys
16:01:31.0708 0x1ed8  HtcVCom32 - ok
16:01:31.0778 0x1ed8  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\windows\system32\drivers\HTTP.sys
16:01:31.0859 0x1ed8  HTTP - ok
16:01:31.0907 0x1ed8  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
16:01:31.0918 0x1ed8  hwpolicy - ok
16:01:31.0964 0x1ed8  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\windows\system32\drivers\i8042prt.sys
16:01:31.0980 0x1ed8  i8042prt - ok
16:01:32.0020 0x1ed8  [ A5F72BB0D024E7E463344105BE613AE4, 22B1DED17118C85ACC1F57996FA13428FFE8C96051FAF5212A7E37430F4C62E8 ] iaStor          C:\windows\system32\DRIVERS\iaStor.sys
16:01:32.0041 0x1ed8  iaStor - ok
16:01:32.0100 0x1ed8  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
16:01:32.0122 0x1ed8  iaStorV - ok
16:01:32.0208 0x1ed8  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:01:32.0245 0x1ed8  idsvc - ok
16:01:32.0266 0x1ed8  IEEtwCollectorService - ok
16:01:32.0541 0x1ed8  [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx            C:\windows\system32\DRIVERS\igdkmd64.sys
16:01:32.0806 0x1ed8  igfx - ok
16:01:32.0855 0x1ed8  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\windows\system32\DRIVERS\iirsp.sys
16:01:32.0867 0x1ed8  iirsp - ok
16:01:32.0933 0x1ed8  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\windows\System32\ikeext.dll
16:01:32.0984 0x1ed8  IKEEXT - ok
16:01:33.0054 0x1ed8  [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd           C:\windows\system32\DRIVERS\Impcd.sys
16:01:33.0091 0x1ed8  Impcd - ok
16:01:33.0248 0x1ed8  [ CCEDD47ABD068C58C8513DEB785093BB, 2B5571688655265037ACB44D2F2E0CD646EC0567D823C32CA09F13A1814C241B ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
16:01:33.0377 0x1ed8  IntcAzAudAddService - ok
16:01:33.0410 0x1ed8  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\windows\system32\drivers\intelide.sys
16:01:33.0421 0x1ed8  intelide - ok
16:01:33.0465 0x1ed8  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\windows\system32\DRIVERS\intelppm.sys
16:01:33.0496 0x1ed8  intelppm - ok
16:01:33.0538 0x1ed8  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\windows\system32\ipbusenum.dll
16:01:33.0617 0x1ed8  IPBusEnum - ok
16:01:33.0664 0x1ed8  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
16:01:33.0702 0x1ed8  IpFilterDriver - ok
16:01:33.0747 0x1ed8  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
16:01:33.0810 0x1ed8  iphlpsvc - ok
16:01:33.0829 0x1ed8  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\windows\system32\drivers\IPMIDrv.sys
16:01:33.0853 0x1ed8  IPMIDRV - ok
16:01:33.0932 0x1ed8  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\windows\system32\drivers\ipnat.sys
16:01:33.0984 0x1ed8  IPNAT - ok
16:01:34.0114 0x1ed8  [ 2208D673C5D4B22EB0235EA1EC6269CC, 3E73032D67B3B740E11CEA0748CDFFBE35619CBF1AC1C3D86EF089CA326D7918 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
16:01:34.0138 0x1ed8  iPod Service - ok
16:01:34.0234 0x1ed8  [ 3E5757BE828CC404425DC5A5EBB5CEFB, 5BBD807951FFDF5B31031A9D68685010740DC0037963224C2547DB5FEE3D43AE ] IpOverUsbSvc    C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
16:01:34.0247 0x1ed8  IpOverUsbSvc - ok
16:01:34.0287 0x1ed8  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\windows\system32\drivers\irenum.sys
16:01:34.0344 0x1ed8  IRENUM - ok
16:01:34.0384 0x1ed8  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\windows\system32\drivers\isapnp.sys
16:01:34.0395 0x1ed8  isapnp - ok
16:01:34.0434 0x1ed8  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\windows\system32\drivers\msiscsi.sys
16:01:34.0453 0x1ed8  iScsiPrt - ok
16:01:34.0492 0x1ed8  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\windows\system32\drivers\kbdclass.sys
16:01:34.0504 0x1ed8  kbdclass - ok
16:01:34.0559 0x1ed8  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\windows\system32\drivers\kbdhid.sys
16:01:34.0573 0x1ed8  kbdhid - ok
16:01:34.0591 0x1ed8  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] KeyIso          C:\windows\system32\lsass.exe
16:01:34.0604 0x1ed8  KeyIso - ok
16:01:34.0702 0x1ed8  [ 5781DA0CFB8833F5D8AEB433233C7294, 5EF52B532257E8CD34CEAFA405FF022CB1127B6A92BEE5578BC73B0380556D2A ] kl1             C:\windows\system32\DRIVERS\kl1.sys
16:01:34.0727 0x1ed8  kl1 - ok
16:01:34.0779 0x1ed8  [ EE7A44540B65B6FF617DCB8929C9FDAE, E9FB0BEAA1692CEBE8F6E1DED6AE49EFE2679F606CD251AE2222095D37129CDA ] kldisk          C:\windows\system32\DRIVERS\kldisk.sys
16:01:34.0794 0x1ed8  kldisk - ok
16:01:34.0848 0x1ed8  [ 119FC2FA9972458FF15BC17F2C36AB99, 6D45F8C9DC0CA7E8CA24E339B543E255C2A36349F9E510F20415FC4F6A1BD868 ] klflt           C:\windows\system32\DRIVERS\klflt.sys
16:01:34.0865 0x1ed8  klflt - ok
16:01:34.0948 0x1ed8  [ B96959CDDDEAE40F5B57C52AC6F94EC0, 207CA534DEACA83231FCE92E248ECFA95B8A12FA7FD3D711B730D76FD4A481DD ] klhk            C:\windows\system32\DRIVERS\klhk.sys
16:01:34.0967 0x1ed8  klhk - ok
16:01:35.0075 0x1ed8  [ BEC7B9DE0AAFB871DE40F24C42744B00, E4D46DF38097B135EBA913BC3F5D4DD58548D4B9E58D55A0E90783C6B68B03B3 ] KLIF            C:\windows\system32\DRIVERS\klif.sys
16:01:35.0114 0x1ed8  KLIF - ok
16:01:35.0175 0x1ed8  [ 3B360AA2710679C71E450745B96A801C, 2DDD55D838DA70D4834896AC70BEFB611488D894A79B14D5838401F5D9F93A84 ] KLIM6           C:\windows\system32\DRIVERS\klim6.sys
16:01:35.0189 0x1ed8  KLIM6 - ok
16:01:35.0244 0x1ed8  [ 7DBA65D9D2974298B927287904EFF3D4, F69DDB0FF6CCEAE5EC7CD2A04A55E24D960DF4C6F935475C4AD466506D652255 ] klkbdflt        C:\windows\system32\DRIVERS\klkbdflt.sys
16:01:35.0258 0x1ed8  klkbdflt - ok
16:01:35.0298 0x1ed8  [ 99EA6658E783A8D683BC3B72FD9FD235, 28163AE6503A30722497B5176AFDB139C21DC318622ABF867B65AB2C7D96EF59 ] klmouflt        C:\windows\system32\DRIVERS\klmouflt.sys
16:01:35.0311 0x1ed8  klmouflt - ok
16:01:35.0363 0x1ed8  [ B33399BCA2034648520E34987CE2C0C9, F93B38D7DFAAE44B929BC2F739F03A9A67C6FA4AFC29B07DF96D2C7011DCB1AF ] klpd            C:\windows\system32\DRIVERS\klpd.sys
16:01:35.0378 0x1ed8  klpd - ok
16:01:35.0430 0x1ed8  [ B36DEE2A91F9388C4D3ED744592DE81D, 78D64539A375C80250FB9FA5E1DDA208B331A85916E19ED1353623DDF750EC58 ] kltdi           C:\windows\system32\DRIVERS\kltdi.sys
16:01:35.0444 0x1ed8  kltdi - ok
16:01:35.0478 0x1ed8  [ 88D5EF6EE17C280167D42B53282AB4BD, CFFF8D7CE24FCE62FB2C21E1B09DF914612C1EF96876855537B207F7BD83E872 ] Klwtp           C:\windows\system32\DRIVERS\klwtp.sys
16:01:35.0493 0x1ed8  Klwtp - ok
16:01:35.0516 0x1ed8  [ 1AAA539F0F16716466596C37599C7AF2, 888ABC477C2720CA55BC30C8D5FA0A5490F41B62F2A5502F808E9F709FFC0DBB ] kneps           C:\windows\system32\DRIVERS\kneps.sys
16:01:35.0537 0x1ed8  kneps - ok
16:01:35.0595 0x1ed8  [ C0A6C3D6E02B61B5D100FE17306C276F, F57C7BCC39B30F1DF739D07B76BA18EB68D12D8D1BD13B6AC8DC712C29119495 ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
16:01:35.0610 0x1ed8  KSecDD - ok
16:01:35.0627 0x1ed8  [ 7A7328E427694CC7244235C3BC299F80, 7FC2E1F3F93B3334C3A8961CA58B4F38524650F6D8DA9FFA1FB43E1A2B86B710 ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
16:01:35.0643 0x1ed8  KSecPkg - ok
16:01:35.0695 0x1ed8  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
16:01:35.0744 0x1ed8  ksthunk - ok
16:01:35.0783 0x1ed8  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\windows\system32\msdtckrm.dll
16:01:35.0843 0x1ed8  KtmRm - ok
16:01:35.0897 0x1ed8  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\windows\system32\srvsvc.dll
16:01:35.0952 0x1ed8  LanmanServer - ok
16:01:35.0984 0x1ed8  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
16:01:36.0042 0x1ed8  LanmanWorkstation - ok
16:01:36.0105 0x1ed8  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
16:01:36.0186 0x1ed8  lltdio - ok
16:01:36.0239 0x1ed8  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\windows\System32\lltdsvc.dll
16:01:36.0298 0x1ed8  lltdsvc - ok
16:01:36.0310 0x1ed8  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\windows\System32\lmhsvc.dll
16:01:36.0359 0x1ed8  lmhosts - ok
16:01:36.0417 0x1ed8  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\windows\system32\DRIVERS\lsi_fc.sys
16:01:36.0431 0x1ed8  LSI_FC - ok
16:01:36.0447 0x1ed8  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\windows\system32\DRIVERS\lsi_sas.sys
16:01:36.0462 0x1ed8  LSI_SAS - ok
16:01:36.0478 0x1ed8  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\windows\system32\DRIVERS\lsi_sas2.sys
16:01:36.0492 0x1ed8  LSI_SAS2 - ok
16:01:36.0507 0x1ed8  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\windows\system32\DRIVERS\lsi_scsi.sys
16:01:36.0524 0x1ed8  LSI_SCSI - ok
16:01:36.0566 0x1ed8  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\windows\system32\drivers\luafv.sys
16:01:36.0627 0x1ed8  luafv - ok
16:01:36.0674 0x1ed8  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\windows\system32\Mcx2Svc.dll
16:01:36.0691 0x1ed8  Mcx2Svc - ok
16:01:36.0704 0x1ed8  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\windows\system32\DRIVERS\megasas.sys
16:01:36.0716 0x1ed8  megasas - ok
16:01:36.0745 0x1ed8  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\windows\system32\DRIVERS\MegaSR.sys
16:01:36.0765 0x1ed8  MegaSR - ok
16:01:36.0793 0x1ed8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\windows\system32\mmcss.dll
16:01:36.0846 0x1ed8  MMCSS - ok
16:01:36.0859 0x1ed8  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\windows\system32\drivers\modem.sys
16:01:36.0915 0x1ed8  Modem - ok
16:01:36.0967 0x1ed8  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\windows\system32\DRIVERS\monitor.sys
16:01:37.0001 0x1ed8  monitor - ok
16:01:37.0032 0x1ed8  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\windows\system32\DRIVERS\mouclass.sys
16:01:37.0044 0x1ed8  mouclass - ok
16:01:37.0083 0x1ed8  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\windows\system32\DRIVERS\mouhid.sys
16:01:37.0105 0x1ed8  mouhid - ok
16:01:37.0164 0x1ed8  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
16:01:37.0178 0x1ed8  mountmgr - ok
16:01:37.0264 0x1ed8  [ 81E8AF6407EC3F41908FE37F054353EA, 756C7656ED68AEAE4225E952ED1CED0717264D3378DB8DF0B2D70B6EBC67C62F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:01:37.0278 0x1ed8  MozillaMaintenance - ok
16:01:37.0300 0x1ed8  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\windows\system32\drivers\mpio.sys
16:01:37.0314 0x1ed8  mpio - ok
16:01:37.0333 0x1ed8  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
16:01:37.0372 0x1ed8  mpsdrv - ok
16:01:37.0418 0x1ed8  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\windows\system32\mpssvc.dll
16:01:37.0489 0x1ed8  MpsSvc - ok
16:01:37.0527 0x1ed8  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
16:01:37.0592 0x1ed8  MRxDAV - ok
16:01:37.0644 0x1ed8  [ 1877EB1495CFBDAB27D6A32F6DDF3818, 3818055C66AB12A335A905CFFE5D05347F15AE488861C5C183E62E8E0881DA86 ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
16:01:37.0690 0x1ed8  mrxsmb - ok
16:01:37.0716 0x1ed8  [ 21AF322605D8C7F2A627C22634D1C9C9, 6B783F95D093FEFB260EA9568926BBB3CB8ED0783184DB3A18733E211933BADD ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
16:01:37.0751 0x1ed8  mrxsmb10 - ok
16:01:37.0764 0x1ed8  [ 45A03A0B6461EFBEE77E0A6AC2816EDA, CFB0C11387F2EC49FD6B69EF747962114EBA6F8B4B4DEC3627E9E969775C4D7E ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
16:01:37.0790 0x1ed8  mrxsmb20 - ok
16:01:37.0814 0x1ed8  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\windows\system32\drivers\msahci.sys
16:01:37.0826 0x1ed8  msahci - ok
16:01:37.0850 0x1ed8  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\windows\system32\drivers\msdsm.sys
16:01:37.0865 0x1ed8  msdsm - ok
16:01:37.0884 0x1ed8  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\windows\System32\msdtc.exe
16:01:37.0916 0x1ed8  MSDTC - ok
16:01:37.0938 0x1ed8  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\windows\system32\drivers\Msfs.sys
16:01:37.0983 0x1ed8  Msfs - ok
16:01:38.0000 0x1ed8  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
16:01:38.0037 0x1ed8  mshidkmdf - ok
16:01:38.0059 0x1ed8  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
16:01:38.0071 0x1ed8  msisadrv - ok
16:01:38.0124 0x1ed8  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\windows\system32\iscsiexe.dll
16:01:38.0181 0x1ed8  MSiSCSI - ok
16:01:38.0185 0x1ed8  msiserver - ok
16:01:38.0218 0x1ed8  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
16:01:38.0256 0x1ed8  MSKSSRV - ok
16:01:38.0268 0x1ed8  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
16:01:38.0321 0x1ed8  MSPCLOCK - ok
16:01:38.0335 0x1ed8  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
16:01:38.0384 0x1ed8  MSPQM - ok
16:01:38.0419 0x1ed8  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
16:01:38.0440 0x1ed8  MsRPC - ok
16:01:38.0466 0x1ed8  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\windows\system32\drivers\mssmbios.sys
16:01:38.0478 0x1ed8  mssmbios - ok
16:01:38.0498 0x1ed8  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
16:01:38.0551 0x1ed8  MSTEE - ok
16:01:38.0565 0x1ed8  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\windows\system32\DRIVERS\MTConfig.sys
16:01:38.0588 0x1ed8  MTConfig - ok
16:01:38.0605 0x1ed8  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\windows\system32\Drivers\mup.sys
16:01:38.0617 0x1ed8  Mup - ok
16:01:38.0677 0x1ed8  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\windows\system32\qagentRT.dll
16:01:38.0744 0x1ed8  napagent - ok
16:01:38.0820 0x1ed8  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
16:01:38.0851 0x1ed8  NativeWifiP - ok
16:01:38.0932 0x1ed8  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\windows\system32\drivers\ndis.sys
16:01:38.0968 0x1ed8  NDIS - ok
16:01:39.0006 0x1ed8  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
16:01:39.0044 0x1ed8  NdisCap - ok
16:01:39.0088 0x1ed8  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
16:01:39.0136 0x1ed8  NdisTapi - ok
16:01:39.0158 0x1ed8  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
16:01:39.0210 0x1ed8  Ndisuio - ok
16:01:39.0237 0x1ed8  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
16:01:39.0285 0x1ed8  NdisWan - ok
16:01:39.0301 0x1ed8  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
16:01:39.0339 0x1ed8  NDProxy - ok
16:01:39.0384 0x1ed8  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
16:01:39.0422 0x1ed8  NetBIOS - ok
16:01:39.0453 0x1ed8  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
16:01:39.0510 0x1ed8  NetBT - ok
16:01:39.0550 0x1ed8  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] Netlogon        C:\windows\system32\lsass.exe
16:01:39.0562 0x1ed8  Netlogon - ok
16:01:39.0615 0x1ed8  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\windows\System32\netman.dll
16:01:39.0696 0x1ed8  Netman - ok
16:01:39.0750 0x1ed8  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:01:39.0765 0x1ed8  NetMsmqActivator - ok
16:01:39.0772 0x1ed8  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:01:39.0787 0x1ed8  NetPipeActivator - ok
16:01:39.0837 0x1ed8  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\windows\System32\netprofm.dll
16:01:39.0896 0x1ed8  netprofm - ok
16:01:39.0903 0x1ed8  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:01:39.0918 0x1ed8  NetTcpActivator - ok
16:01:39.0924 0x1ed8  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:01:39.0940 0x1ed8  NetTcpPortSharing - ok
16:01:39.0981 0x1ed8  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\windows\system32\DRIVERS\nfrd960.sys
16:01:39.0992 0x1ed8  nfrd960 - ok
16:01:40.0022 0x1ed8  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\windows\System32\nlasvc.dll
16:01:40.0078 0x1ed8  NlaSvc - ok
16:01:40.0140 0x1ed8  NOBU - ok
16:01:40.0158 0x1ed8  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\windows\system32\drivers\Npfs.sys
16:01:40.0195 0x1ed8  Npfs - ok
16:01:40.0222 0x1ed8  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\windows\system32\nsisvc.dll
16:01:40.0258 0x1ed8  nsi - ok
16:01:40.0270 0x1ed8  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
16:01:40.0315 0x1ed8  nsiproxy - ok
16:01:40.0379 0x1ed8  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
16:01:40.0436 0x1ed8  Ntfs - ok
16:01:40.0470 0x1ed8  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\windows\system32\drivers\Null.sys
16:01:40.0522 0x1ed8  Null - ok
16:01:40.0577 0x1ed8  [ E366A5681C50785D4ED04FCFD65C3415, 7FF7B4B8F09E773401AE879897E60BF494B57B9ACEE990204A4C98A3FB183A33 ] NVHDA           C:\windows\system32\drivers\nvhda64v.sys
16:01:40.0592 0x1ed8  NVHDA - ok
16:01:41.0007 0x1ed8  [ 5D89C0070BC2643117CF33D0367AFABA, C245E0C0DB6665B6226B4D188F620272C175F0FEA63617ECA45B4FA86273E20C ] nvlddmkm        C:\windows\system32\DRIVERS\nvlddmkm.sys
16:01:41.0475 0x1ed8  nvlddmkm - ok
16:01:41.0652 0x1ed8  [ D6310F79E51D1F997E964E81DD368AEA, 27D0159F45C712C6165FDB9F40823438225555E71BB01E3B55F5B5D7BE15D389 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
16:01:41.0700 0x1ed8  NvNetworkService - ok
16:01:41.0716 0x1ed8  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\windows\system32\drivers\nvraid.sys
16:01:41.0731 0x1ed8  nvraid - ok
16:01:41.0756 0x1ed8  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\windows\system32\drivers\nvstor.sys
16:01:41.0772 0x1ed8  nvstor - ok
16:01:41.0862 0x1ed8  [ 0FB368E71D9F178BCFC7F0BBA317FECA, 97FA87219E95ED53B5E0B0D3305326DD950EE5CEECDC051E7DC7E9BA05CEB214 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
16:01:41.0872 0x1ed8  NvStreamKms - ok
16:01:42.0485 0x1ed8  [ AEC2796DF28AB7494A0C688E40D7B38C, B5B495259489B7A49EA4243EEF13BF598EC5791E0FD59FAB4227C906D635D09E ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
16:01:42.0943 0x1ed8  NvStreamSvc - ok
16:01:43.0064 0x1ed8  [ C5647FB500C2A1F946B77C953528042D, E0A53D158B2141EBBE6762165154B4DE9524E6BD3AD7247B6D25AC96E0A34AA0 ] nvsvc           C:\windows\system32\nvvsvc.exe
16:01:43.0095 0x1ed8  nvsvc - ok
16:01:43.0156 0x1ed8  [ 75034A4D7C02327D150B617571D4196A, 8E7DAFEC4307E883D52BD0B5F0732E26E019C953770B52ACBBAD3074A66393CB ] nvvad_WaveExtensible C:\windows\system32\drivers\nvvad64v.sys
16:01:43.0168 0x1ed8  nvvad_WaveExtensible - ok
16:01:43.0209 0x1ed8  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
16:01:43.0223 0x1ed8  nv_agp - ok
16:01:43.0255 0x1ed8  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\windows\system32\drivers\ohci1394.sys
16:01:43.0294 0x1ed8  ohci1394 - ok
16:01:43.0404 0x1ed8  [ 11E0B35479C895888BA3D7F619DCFFF3, 6ED82C19898101EC00BD64A9F90595C3D20AD2D2902AA8765B740FB3B9312DDF ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:01:43.0420 0x1ed8  ose64 - ok
16:01:43.0666 0x1ed8  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:01:43.0880 0x1ed8  osppsvc - ok
16:01:43.0931 0x1ed8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
16:01:43.0984 0x1ed8  p2pimsvc - ok
16:01:44.0009 0x1ed8  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\windows\system32\p2psvc.dll
16:01:44.0048 0x1ed8  p2psvc - ok
16:01:44.0104 0x1ed8  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\windows\system32\DRIVERS\parport.sys
16:01:44.0121 0x1ed8  Parport - ok
16:01:44.0151 0x1ed8  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\windows\system32\drivers\partmgr.sys
16:01:44.0164 0x1ed8  partmgr - ok
16:01:44.0228 0x1ed8  [ 446462BBA744DA60379574926FD51EAB, 4A79E8EF28670333F4733FA0016508DC88E9BDC566B455DA5EDEDC514612180A ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
16:01:44.0237 0x1ed8  PassThru Service - detected UnsignedFile.Multi.Generic ( 1 )
16:01:46.0931 0x1ed8  Detect skipped due to KSN trusted
16:01:46.0931 0x1ed8  PassThru Service - ok
16:01:47.0000 0x1ed8  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\windows\System32\pcasvc.dll
16:01:47.0045 0x1ed8  PcaSvc - ok
16:01:47.0064 0x1ed8  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\windows\system32\drivers\pci.sys
16:01:47.0080 0x1ed8  pci - ok
16:01:47.0099 0x1ed8  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\windows\system32\drivers\pciide.sys
16:01:47.0111 0x1ed8  pciide - ok
16:01:47.0140 0x1ed8  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\windows\system32\DRIVERS\pcmcia.sys
16:01:47.0156 0x1ed8  pcmcia - ok
16:01:47.0161 0x1ed8  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\windows\system32\drivers\pcw.sys
16:01:47.0177 0x1ed8  pcw - ok
16:01:47.0233 0x1ed8  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\windows\system32\drivers\peauth.sys
16:01:47.0277 0x1ed8  PEAUTH - ok
16:01:47.0369 0x1ed8  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\windows\SysWow64\perfhost.exe
16:01:47.0390 0x1ed8  PerfHost - ok
16:01:47.0459 0x1ed8  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\windows\system32\pla.dll
16:01:47.0554 0x1ed8  pla - ok
16:01:47.0624 0x1ed8  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\windows\system32\umpnpmgr.dll
16:01:47.0673 0x1ed8  PlugPlay - ok
16:01:47.0707 0x1ed8  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
16:01:47.0736 0x1ed8  PNRPAutoReg - ok
16:01:47.0774 0x1ed8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
16:01:47.0794 0x1ed8  PNRPsvc - ok
16:01:47.0830 0x1ed8  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
16:01:47.0888 0x1ed8  PolicyAgent - ok
16:01:47.0926 0x1ed8  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\windows\system32\umpo.dll
16:01:47.0968 0x1ed8  Power - ok
16:01:48.0013 0x1ed8  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
16:01:48.0051 0x1ed8  PptpMiniport - ok
16:01:48.0076 0x1ed8  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\windows\system32\DRIVERS\processr.sys
16:01:48.0104 0x1ed8  Processor - ok
16:01:48.0123 0x1ed8  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\windows\system32\profsvc.dll
16:01:48.0183 0x1ed8  ProfSvc - ok
16:01:48.0208 0x1ed8  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] ProtectedStorage C:\windows\system32\lsass.exe
16:01:48.0221 0x1ed8  ProtectedStorage - ok
16:01:48.0299 0x1ed8  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\windows\system32\DRIVERS\pacer.sys
16:01:48.0357 0x1ed8  Psched - ok
16:01:48.0406 0x1ed8  [ CCE65976AAEB1DB4C3B98243B8AC448E, 996BC8CF7B5BFDA04D27FF0FCFEA8BA3C5623FDABFE96C9BE6503C6D3201D0AD ] PVUSB           C:\windows\system32\DRIVERS\CESG64.sys
16:01:48.0417 0x1ed8  PVUSB - ok
16:01:48.0490 0x1ed8  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\windows\system32\DRIVERS\ql2300.sys
16:01:48.0544 0x1ed8  ql2300 - ok
16:01:48.0564 0x1ed8  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\windows\system32\DRIVERS\ql40xx.sys
16:01:48.0579 0x1ed8  ql40xx - ok
16:01:48.0606 0x1ed8  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\windows\system32\qwave.dll
16:01:48.0641 0x1ed8  QWAVE - ok
16:01:48.0655 0x1ed8  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
16:01:48.0674 0x1ed8  QWAVEdrv - ok
16:01:48.0689 0x1ed8  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
16:01:48.0728 0x1ed8  RasAcd - ok
16:01:48.0809 0x1ed8  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
16:01:48.0868 0x1ed8  RasAgileVpn - ok
16:01:48.0884 0x1ed8  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\windows\System32\rasauto.dll
16:01:48.0937 0x1ed8  RasAuto - ok
16:01:48.0986 0x1ed8  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
16:01:49.0034 0x1ed8  Rasl2tp - ok
16:01:49.0097 0x1ed8  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\windows\System32\rasmans.dll
16:01:49.0160 0x1ed8  RasMan - ok
16:01:49.0198 0x1ed8  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
16:01:49.0250 0x1ed8  RasPppoe - ok
16:01:49.0264 0x1ed8  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
16:01:49.0318 0x1ed8  RasSstp - ok
16:01:49.0353 0x1ed8  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
16:01:49.0396 0x1ed8  rdbss - ok
16:01:49.0413 0x1ed8  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\windows\system32\DRIVERS\rdpbus.sys
16:01:49.0431 0x1ed8  rdpbus - ok
16:01:49.0447 0x1ed8  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\windows\system32\DRIVERS\RDPCDD.sys
16:01:49.0492 0x1ed8  RDPCDD - ok
16:01:49.0529 0x1ed8  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\windows\system32\drivers\rdpencdd.sys
16:01:49.0578 0x1ed8  RDPENCDD - ok
16:01:49.0598 0x1ed8  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\windows\system32\drivers\rdprefmp.sys
16:01:49.0635 0x1ed8  RDPREFMP - ok
16:01:49.0727 0x1ed8  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
16:01:49.0818 0x1ed8  RdpVideoMiniport - ok
16:01:49.0858 0x1ed8  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
16:01:49.0906 0x1ed8  RDPWD - ok
16:01:49.0957 0x1ed8  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
16:01:49.0974 0x1ed8  rdyboost - ok
16:01:50.0024 0x1ed8  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\windows\System32\mprdim.dll
16:01:50.0075 0x1ed8  RemoteAccess - ok
16:01:50.0130 0x1ed8  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\windows\system32\regsvc.dll
16:01:50.0183 0x1ed8  RemoteRegistry - ok
16:01:50.0244 0x1ed8  [ F85AE59A52885F4B09AADAFB23001A3B, CE722F19C0F916BC9EC1B7B28A479C71504190271B54B4B9ACA82922B484FEA0 ] Rezip           C:\windows\SysWOW64\Rezip.exe
16:01:50.0258 0x1ed8  Rezip - detected UnsignedFile.Multi.Generic ( 1 )
16:01:52.0938 0x1ed8  Detect skipped due to KSN trusted
16:01:52.0938 0x1ed8  Rezip - ok
16:01:52.0981 0x1ed8  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\windows\system32\DRIVERS\rfcomm.sys
16:01:53.0001 0x1ed8  RFCOMM - ok
16:01:53.0023 0x1ed8  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
16:01:53.0062 0x1ed8  RpcEptMapper - ok
16:01:53.0084 0x1ed8  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\windows\system32\locator.exe
16:01:53.0107 0x1ed8  RpcLocator - ok
16:01:53.0157 0x1ed8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\windows\system32\rpcss.dll
16:01:53.0205 0x1ed8  RpcSs - ok
16:01:53.0261 0x1ed8  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
16:01:53.0310 0x1ed8  rspndr - ok
16:01:53.0359 0x1ed8  [ BAEFEE35D27A5440D35092CE10267BEC, FB550D38C01E07B1170C52C1441874B56DD3BECB10CBE8E132EE3276A05C796E ] RTL8167         C:\windows\system32\DRIVERS\Rt64win7.sys
16:01:53.0397 0x1ed8  RTL8167 - ok
16:01:53.0504 0x1ed8  [ 4CA0DBA9E224473D664C25E411F5A3BD, 71423A66165782EFB4DB7BE6CE48DDB463D9F65FD0F266D333A6558791D158E5 ] rtport          C:\windows\SysWOW64\drivers\rtport.sys
16:01:53.0514 0x1ed8  rtport - ok
16:01:53.0544 0x1ed8  [ 62DB6CC4B0818F1B5F3441241B098F12, 7A53B3FBA3F82EDE6FA688E531FBE7EC9E1AE329090C0AFE0DCD64F65BD90F21 ] SABI            C:\windows\system32\Drivers\SABI.sys
16:01:53.0577 0x1ed8  SABI - ok
16:01:53.0597 0x1ed8  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] SamSs           C:\windows\system32\lsass.exe
16:01:53.0610 0x1ed8  SamSs - ok
16:01:53.0638 0x1ed8  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
16:01:53.0652 0x1ed8  sbp2port - ok
16:01:53.0686 0x1ed8  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\windows\System32\SCardSvr.dll
16:01:53.0740 0x1ed8  SCardSvr - ok
16:01:53.0766 0x1ed8  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
16:01:53.0813 0x1ed8  scfilter - ok
16:01:53.0881 0x1ed8  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\windows\system32\schedsvc.dll
16:01:53.0949 0x1ed8  Schedule - ok
16:01:53.0986 0x1ed8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\windows\System32\certprop.dll
16:01:54.0023 0x1ed8  SCPolicySvc - ok
16:01:54.0076 0x1ed8  [ 8B56BDCE6A303DDE63D63440D1CF9AD1, 66A4356C29D00A1B8A95975C073AE4E6D2A90CBF3B143FE9B83B96BEC0805D46 ] ScreamBAudioSvc C:\windows\system32\drivers\ScreamingBAudio64.sys
16:01:54.0087 0x1ed8  ScreamBAudioSvc - ok
16:01:54.0128 0x1ed8  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\windows\System32\SDRSVC.dll
16:01:54.0180 0x1ed8  SDRSVC - ok
16:01:54.0229 0x1ed8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\windows\system32\drivers\secdrv.sys
16:01:54.0281 0x1ed8  secdrv - ok
16:01:54.0316 0x1ed8  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\windows\system32\seclogon.dll
16:01:54.0362 0x1ed8  seclogon - ok
16:01:54.0408 0x1ed8  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\windows\System32\sens.dll
16:01:54.0455 0x1ed8  SENS - ok
16:01:54.0466 0x1ed8  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\windows\system32\sensrsvc.dll
16:01:54.0524 0x1ed8  SensrSvc - ok
16:01:54.0572 0x1ed8  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\windows\system32\DRIVERS\serenum.sys
16:01:54.0600 0x1ed8  Serenum - ok
16:01:54.0640 0x1ed8  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\windows\system32\DRIVERS\serial.sys
16:01:54.0672 0x1ed8  Serial - ok
16:01:54.0692 0x1ed8  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\windows\system32\DRIVERS\sermouse.sys
16:01:54.0715 0x1ed8  sermouse - ok
16:01:54.0742 0x1ed8  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\windows\system32\sessenv.dll
16:01:54.0782 0x1ed8  SessionEnv - ok
16:01:54.0811 0x1ed8  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\windows\system32\drivers\sffdisk.sys
16:01:54.0848 0x1ed8  sffdisk - ok
16:01:54.0859 0x1ed8  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\windows\system32\drivers\sffp_mmc.sys
16:01:54.0903 0x1ed8  sffp_mmc - ok
16:01:54.0914 0x1ed8  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\windows\system32\drivers\sffp_sd.sys
16:01:54.0933 0x1ed8  sffp_sd - ok
16:01:54.0961 0x1ed8  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\windows\system32\DRIVERS\sfloppy.sys
16:01:54.0979 0x1ed8  sfloppy - ok
16:01:55.0085 0x1ed8  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\windows\System32\ipnathlp.dll
16:01:55.0138 0x1ed8  SharedAccess - ok
16:01:55.0175 0x1ed8  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll
16:01:55.0222 0x1ed8  ShellHWDetection - ok
16:01:55.0253 0x1ed8  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\windows\system32\DRIVERS\SiSRaid2.sys
16:01:55.0265 0x1ed8  SiSRaid2 - ok
16:01:55.0278 0x1ed8  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\windows\system32\DRIVERS\sisraid4.sys
16:01:55.0292 0x1ed8  SiSRaid4 - ok
16:01:55.0394 0x1ed8  [ 0B70786BD1062CD4C6B58E412B9C3E55, 60ED027642FFF97BFFA55AE3EFFCCBB6D6AD8196D35E9ED06F9AF431E3C0402A ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
16:01:55.0416 0x1ed8  SkypeUpdate - ok
16:01:55.0437 0x1ed8  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\windows\system32\DRIVERS\smb.sys
16:01:55.0489 0x1ed8  Smb - ok
16:01:55.0546 0x1ed8  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\windows\System32\snmptrap.exe
16:01:55.0573 0x1ed8  SNMPTRAP - ok
16:01:55.0693 0x1ed8  [ 3A4F2C0BB87A0895ABEBA341AA1E341B, 4DADEEF3C5D181502D6F4A00FBBF3B001FA626E49569FB330D7AE2955CC7DE08 ] Sony PC Companion C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
16:01:55.0705 0x1ed8  Sony PC Companion - ok
16:01:55.0752 0x1ed8  [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan        C:\windows\syswow64\speedfan.sys
16:01:55.0764 0x1ed8  speedfan - ok
16:01:55.0786 0x1ed8  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\windows\system32\drivers\spldr.sys
16:01:55.0798 0x1ed8  spldr - ok
16:01:55.0857 0x1ed8  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\windows\System32\spoolsv.exe
16:01:55.0919 0x1ed8  Spooler - ok
16:01:56.0046 0x1ed8  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\windows\system32\sppsvc.exe
16:01:56.0210 0x1ed8  sppsvc - ok
16:01:56.0251 0x1ed8  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\windows\system32\sppuinotify.dll
16:01:56.0303 0x1ed8  sppuinotify - ok
16:01:56.0362 0x1ed8  [ 055B0DE7BCDB14FB18279F09DCA07954, 94944F996F2F73233A96F8E766606EA5CCC7142EA2AF4BCEFD2603578F2B4A4A ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
16:01:56.0377 0x1ed8  SQLWriter - ok
16:01:56.0416 0x1ed8  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\windows\system32\DRIVERS\srv.sys
16:01:56.0462 0x1ed8  srv - ok
16:01:56.0476 0x1ed8  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
16:01:56.0516 0x1ed8  srv2 - ok
16:01:56.0525 0x1ed8  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
16:01:56.0549 0x1ed8  srvnet - ok
16:01:56.0609 0x1ed8  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
16:01:56.0659 0x1ed8  SSDPSRV - ok
16:01:56.0676 0x1ed8  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\windows\system32\sstpsvc.dll
16:01:56.0723 0x1ed8  SstpSvc - ok
16:01:56.0833 0x1ed8  [ CC7ED069C2FC82B5B1555C2044C765CC, CE43363544A3EE2C5133CD0D47BF34AFAFA4EAD6AC9EB9A772EE55E89D4D89D4 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
16:01:56.0864 0x1ed8  Steam Client Service - ok
16:01:56.0903 0x1ed8  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\windows\system32\DRIVERS\stexstor.sys
16:01:56.0915 0x1ed8  stexstor - ok
16:01:56.0979 0x1ed8  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\windows\System32\wiaservc.dll
16:01:57.0022 0x1ed8  stisvc - ok
16:01:57.0041 0x1ed8  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\windows\system32\drivers\swenum.sys
16:01:57.0053 0x1ed8  swenum - ok
16:01:57.0094 0x1ed8  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\windows\System32\swprv.dll
16:01:57.0162 0x1ed8  swprv - ok
16:01:57.0227 0x1ed8  [ 3C80203C725C28CEA5713D1AB242880A, 4056DD312C5DFDF52AA98C69964DB9F573717BF416150225F8EAB30518AE45E9 ] SynTP           C:\windows\system32\DRIVERS\SynTP.sys
16:01:57.0244 0x1ed8  SynTP - ok
16:01:57.0326 0x1ed8  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\windows\system32\sysmain.dll
16:01:57.0401 0x1ed8  SysMain - ok
16:01:57.0434 0x1ed8  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll
16:01:57.0455 0x1ed8  TabletInputService - ok
16:01:57.0478 0x1ed8  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\windows\System32\tapisrv.dll
16:01:57.0534 0x1ed8  TapiSrv - ok
16:01:57.0591 0x1ed8  [ 93F0F5EF8A4CA261372DF98B31B2BD05, 8CE4C01EF8BB6A2A11324D4ED1320760D78852A96570EEC5252FCEC2E50C597D ] tbhsd           C:\windows\system32\drivers\tbhsd.sys
16:01:57.0602 0x1ed8  tbhsd - ok
16:01:57.0628 0x1ed8  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\windows\System32\tbssvc.dll
16:01:57.0674 0x1ed8  TBS - ok
16:01:57.0769 0x1ed8  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\windows\system32\drivers\tcpip.sys
16:01:57.0832 0x1ed8  Tcpip - ok
16:01:57.0927 0x1ed8  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
16:01:57.0981 0x1ed8  TCPIP6 - ok
16:01:58.0026 0x1ed8  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
16:01:58.0053 0x1ed8  tcpipreg - ok
16:01:58.0110 0x1ed8  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\windows\system32\drivers\tdpipe.sys
16:01:58.0164 0x1ed8  TDPIPE - ok
16:01:58.0187 0x1ed8  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\windows\system32\drivers\tdtcp.sys
16:01:58.0200 0x1ed8  TDTCP - ok
16:01:58.0229 0x1ed8  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\windows\system32\DRIVERS\tdx.sys
16:01:58.0257 0x1ed8  tdx - ok
16:01:58.0334 0x1ed8  [ 950AD1AE7498A492126FB9F9B2E27DB5, C4C9A972015F567FC87A4094C86835B2DD3476426AB8B40CD4872A725CA89CFC ] Te.Service      C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe
16:01:58.0364 0x1ed8  Te.Service - detected UnsignedFile.Multi.Generic ( 1 )
16:02:01.0234 0x1ed8  Detect skipped due to KSN trusted
16:02:01.0234 0x1ed8  Te.Service - ok
16:02:01.0274 0x1ed8  [ F5520DBB47C60EE83024B38720ABDA24, B8E555D92440BF93E3B55A66E27CEF936477EF7528F870D3B78BD3B294A05CC0 ] teamviewervpn   C:\windows\system32\DRIVERS\teamviewervpn.sys
16:02:01.0287 0x1ed8  teamviewervpn - ok
16:02:01.0317 0x1ed8  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\windows\system32\drivers\termdd.sys
16:02:01.0331 0x1ed8  TermDD - ok
16:02:01.0397 0x1ed8  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\windows\System32\termsrv.dll
16:02:01.0520 0x1ed8  TermService - ok
16:02:01.0549 0x1ed8  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\windows\system32\themeservice.dll
16:02:01.0587 0x1ed8  Themes - ok
16:02:01.0619 0x1ed8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\windows\system32\mmcss.dll
16:02:01.0659 0x1ed8  THREADORDER - ok
16:02:01.0753 0x1ed8  [ D5EF2DAAEE985EAAF348069F17715A68, FACC5B7163F43C1EFB98F17DD6AD30750A49BD91612D9589EB2AF902096B968F ] TotRec8         C:\windows\system32\drivers\TotRec8.sys
16:02:01.0767 0x1ed8  TotRec8 - ok
16:02:01.0790 0x1ed8  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\windows\System32\trkwks.dll
16:02:01.0878 0x1ed8  TrkWks - ok
16:02:02.0036 0x1ed8  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
16:02:02.0104 0x1ed8  TrustedInstaller - ok
16:02:02.0128 0x1ed8  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\windows\system32\DRIVERS\tssecsrv.sys
16:02:02.0163 0x1ed8  tssecsrv - ok
16:02:02.0228 0x1ed8  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
16:02:02.0275 0x1ed8  TsUsbFlt - ok
16:02:02.0753 0x1ed8  [ 53C9D93D159EE9FF3E23A7BFAFA9CF9E, 62E20F9B1CC2BC1299EFD76831A41206169EA906F15039E37BDD0E579A4CD5EF ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
16:02:02.0807 0x1ed8  TuneUp.UtilitiesSvc - ok
16:02:02.0876 0x1ed8  [ DCC94C51D27C7EC0DADECA8F64C94FCF, 90C978C2284C9BDE3EFA1124616D824E0C361C388293FA22DBC8C3B70C920574 ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys
16:02:02.0885 0x1ed8  TuneUpUtilitiesDrv - ok
16:02:02.0957 0x1ed8  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
16:02:03.0002 0x1ed8  tunnel - ok
16:02:03.0040 0x1ed8  [ 825E7A1F48FB8BCFBA27C178AAB4E275, 94F039917B52BEFFFE383E14A6169AE81B6E79C30BA7DD017A9CFE15708A1605 ] TurboB          C:\windows\system32\DRIVERS\TurboB.sys
16:02:03.0050 0x1ed8  TurboB - ok
16:02:03.0156 0x1ed8  [ B206BE1174D5964D49A56BB6C4E0524A, 9D7DA11220B69E2EDEA9E55EC0E4CB554DD7F638ABF49B76353CE5A5C75965B8 ] TurboBoost      C:\Program Files\Intel\TurboBoost\TurboBoost.exe
16:02:03.0192 0x1ed8  TurboBoost - ok
16:02:03.0217 0x1ed8  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\windows\system32\DRIVERS\uagp35.sys
16:02:03.0230 0x1ed8  uagp35 - ok
16:02:03.0328 0x1ed8  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\windows\system32\DRIVERS\udfs.sys
16:02:03.0409 0x1ed8  udfs - ok
16:02:03.0479 0x1ed8  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\windows\system32\UI0Detect.exe
16:02:03.0517 0x1ed8  UI0Detect - ok
16:02:03.0605 0x1ed8  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
16:02:03.0636 0x1ed8  uliagpkx - ok
16:02:03.0721 0x1ed8  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\windows\system32\drivers\umbus.sys
16:02:03.0769 0x1ed8  umbus - ok
16:02:03.0871 0x1ed8  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\windows\system32\DRIVERS\umpass.sys
16:02:03.0898 0x1ed8  UmPass - ok
16:02:04.0067 0x1ed8  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\windows\System32\upnphost.dll
16:02:04.0153 0x1ed8  upnphost - ok
16:02:04.0246 0x1ed8  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\windows\system32\Drivers\usbaapl64.sys
16:02:04.0268 0x1ed8  USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 )
16:02:07.0119 0x1ed8  Detect skipped due to KSN trusted
16:02:07.0119 0x1ed8  USBAAPL64 - ok
16:02:07.0164 0x1ed8  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\windows\system32\DRIVERS\usbccgp.sys
16:02:07.0187 0x1ed8  usbccgp - ok
16:02:07.0213 0x1ed8  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\windows\system32\drivers\usbcir.sys
16:02:07.0259 0x1ed8  usbcir - ok
16:02:07.0282 0x1ed8  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\windows\system32\drivers\usbehci.sys
16:02:07.0309 0x1ed8  usbehci - ok
16:02:07.0359 0x1ed8  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\windows\system32\DRIVERS\usbhub.sys
16:02:07.0404 0x1ed8  usbhub - ok
16:02:07.0440 0x1ed8  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\windows\system32\drivers\usbohci.sys
16:02:07.0461 0x1ed8  usbohci - ok
16:02:07.0482 0x1ed8  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\windows\system32\DRIVERS\usbprint.sys
16:02:07.0498 0x1ed8  usbprint - ok
16:02:07.0526 0x1ed8  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\windows\system32\DRIVERS\USBSTOR.SYS
16:02:07.0563 0x1ed8  USBSTOR - ok
16:02:07.0591 0x1ed8  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\windows\system32\drivers\usbuhci.sys
16:02:07.0602 0x1ed8  usbuhci - ok
16:02:07.0660 0x1ed8  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\windows\System32\Drivers\usbvideo.sys
16:02:07.0711 0x1ed8  usbvideo - ok
16:02:07.0778 0x1ed8  [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx      C:\windows\system32\drivers\usb8023x.sys
16:02:07.0812 0x1ed8  usb_rndisx - ok
16:02:07.0849 0x1ed8  utmyntm5 - ok
16:02:07.0886 0x1ed8  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\windows\System32\uxsms.dll
16:02:07.0942 0x1ed8  UxSms - ok
16:02:08.0021 0x1ed8  [ 951A30E6EFB1A2A2D3BB842807661863, AE85011E85655BB65ABDAB37E3CE264290A389AA0A90B046CF9B62766F38E0E6 ] UxTuneUp        C:\windows\System32\uxtuneup.dll
16:02:08.0030 0x1ed8  UxTuneUp - ok
16:02:08.0042 0x1ed8  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] VaultSvc        C:\windows\system32\lsass.exe
16:02:08.0055 0x1ed8  VaultSvc - ok
16:02:08.0101 0x1ed8  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
16:02:08.0115 0x1ed8  vdrvroot - ok
16:02:08.0161 0x1ed8  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\windows\System32\vds.exe
16:02:08.0218 0x1ed8  vds - ok
16:02:08.0259 0x1ed8  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\windows\system32\DRIVERS\vgapnp.sys
16:02:08.0277 0x1ed8  vga - ok
16:02:08.0292 0x1ed8  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\windows\System32\drivers\vga.sys
16:02:08.0337 0x1ed8  VgaSave - ok
16:02:08.0380 0x1ed8  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\windows\system32\drivers\vhdmp.sys
16:02:08.0398 0x1ed8  vhdmp - ok
16:02:08.0424 0x1ed8  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\windows\system32\drivers\viaide.sys
16:02:08.0436 0x1ed8  viaide - ok
16:02:08.0456 0x1ed8  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\windows\system32\drivers\volmgr.sys
16:02:08.0468 0x1ed8  volmgr - ok
16:02:08.0491 0x1ed8  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
16:02:08.0513 0x1ed8  volmgrx - ok
16:02:08.0543 0x1ed8  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\windows\system32\drivers\volsnap.sys
16:02:08.0561 0x1ed8  volsnap - ok
16:02:08.0651 0x1ed8  [ 6814DDD37C300F845C4FFE4D4CC9A8C7, 206D5D0A803B8EC26A190C5BF72FF12137C1B8D76A674B6C7C16C8C9BBE44C29 ] VsEtwService120 C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe
16:02:08.0666 0x1ed8  VsEtwService120 - ok
16:02:08.0723 0x1ed8  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\windows\system32\DRIVERS\vsmraid.sys
16:02:08.0740 0x1ed8  vsmraid - ok
16:02:08.0829 0x1ed8  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\windows\system32\vssvc.exe
16:02:08.0928 0x1ed8  VSS - ok
16:02:08.0944 0x1ed8  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\windows\system32\DRIVERS\vwifibus.sys
16:02:08.0961 0x1ed8  vwifibus - ok
16:02:08.0983 0x1ed8  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
16:02:09.0010 0x1ed8  vwififlt - ok
16:02:09.0051 0x1ed8  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\windows\system32\DRIVERS\vwifimp.sys
16:02:09.0068 0x1ed8  vwifimp - ok
16:02:09.0120 0x1ed8  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\windows\system32\w32time.dll
16:02:09.0180 0x1ed8  W32Time - ok
16:02:09.0297 0x1ed8  [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] W3SVC           C:\windows\system32\inetsrv\iisw3adm.dll
16:02:09.0333 0x1ed8  W3SVC - ok
16:02:09.0347 0x1ed8  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\windows\system32\DRIVERS\wacompen.sys
16:02:09.0386 0x1ed8  WacomPen - ok
16:02:09.0443 0x1ed8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\windows\system32\DRIVERS\wanarp.sys
16:02:09.0482 0x1ed8  WANARP - ok
16:02:09.0488 0x1ed8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
16:02:09.0527 0x1ed8  Wanarpv6 - ok
16:02:09.0562 0x1ed8  [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] WAS             C:\windows\system32\inetsrv\iisw3adm.dll
16:02:09.0586 0x1ed8  WAS - ok
16:02:09.0667 0x1ed8  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\windows\system32\wbengine.exe
16:02:09.0756 0x1ed8  wbengine - ok
16:02:09.0801 0x1ed8  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
16:02:09.0825 0x1ed8  WbioSrvc - ok
16:02:09.0864 0x1ed8  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\windows\System32\wcncsvc.dll
16:02:09.0905 0x1ed8  wcncsvc - ok
16:02:09.0918 0x1ed8  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
16:02:09.0961 0x1ed8  WcsPlugInService - ok
16:02:09.0989 0x1ed8  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\windows\system32\DRIVERS\wd.sys
16:02:10.0001 0x1ed8  Wd - ok
16:02:10.0052 0x1ed8  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
16:02:10.0088 0x1ed8  Wdf01000 - ok
16:02:10.0114 0x1ed8  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\windows\system32\wdi.dll
16:02:10.0158 0x1ed8  WdiServiceHost - ok
16:02:10.0163 0x1ed8  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\windows\system32\wdi.dll
16:02:10.0177 0x1ed8  WdiSystemHost - ok
16:02:10.0220 0x1ed8  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\windows\System32\webclnt.dll
16:02:10.0260 0x1ed8  WebClient - ok
16:02:10.0294 0x1ed8  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\windows\system32\wecsvc.dll
16:02:10.0347 0x1ed8  Wecsvc - ok
16:02:10.0372 0x1ed8  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\windows\System32\wercplsupport.dll
16:02:10.0412 0x1ed8  wercplsupport - ok
16:02:10.0453 0x1ed8  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\windows\System32\WerSvc.dll
16:02:10.0506 0x1ed8  WerSvc - ok
16:02:10.0609 0x1ed8  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\windows\system32\DRIVERS\wfplwf.sys
16:02:10.0663 0x1ed8  WfpLwf - ok
16:02:10.0699 0x1ed8  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\windows\system32\drivers\wimmount.sys
16:02:10.0757 0x1ed8  WIMMount - ok
16:02:10.0795 0x1ed8  WinDefend - ok
16:02:10.0801 0x1ed8  WinHttpAutoProxySvc - ok
16:02:10.0874 0x1ed8  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
16:02:10.0932 0x1ed8  Winmgmt - ok
16:02:11.0009 0x1ed8  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\windows\system32\WsmSvc.dll
16:02:11.0107 0x1ed8  WinRM - ok
16:02:11.0181 0x1ed8  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\windows\system32\DRIVERS\WinUsb.sys
16:02:11.0197 0x1ed8  WinUsb - ok
16:02:11.0252 0x1ed8  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\windows\System32\wlansvc.dll
16:02:11.0300 0x1ed8  Wlansvc - ok
16:02:11.0516 0x1ed8  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:02:11.0580 0x1ed8  wlidsvc - ok
16:02:11.0608 0x1ed8  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\windows\system32\drivers\wmiacpi.sys
16:02:11.0632 0x1ed8  WmiAcpi - ok
16:02:11.0656 0x1ed8  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
16:02:11.0674 0x1ed8  wmiApSrv - ok
16:02:11.0693 0x1ed8  WMPNetworkSvc - ok
16:02:11.0747 0x1ed8  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\windows\System32\wpcsvc.dll
16:02:11.0793 0x1ed8  WPCSvc - ok
16:02:11.0827 0x1ed8  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
16:02:11.0862 0x1ed8  WPDBusEnum - ok
16:02:11.0888 0x1ed8  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
16:02:11.0926 0x1ed8  ws2ifsl - ok
16:02:11.0938 0x1ed8  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\windows\System32\wscsvc.dll
16:02:11.0958 0x1ed8  wscsvc - ok
16:02:11.0962 0x1ed8  WSearch - ok
16:02:12.0088 0x1ed8  [ AA3E844A2595B1AA5825C70CA50D963E, F9C7D64D9563CA5167EC9B0D957473B55C02E9456E041AE2CDA6ABFA9641D176 ] wuauserv        C:\windows\system32\wuaueng.dll
16:02:12.0198 0x1ed8  wuauserv - ok
16:02:12.0241 0x1ed8  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
16:02:12.0265 0x1ed8  WudfPf - ok
16:02:12.0315 0x1ed8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\windows\system32\DRIVERS\WUDFRd.sys
16:02:12.0338 0x1ed8  WUDFRd - ok
16:02:12.0369 0x1ed8  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
16:02:12.0385 0x1ed8  wudfsvc - ok
16:02:12.0417 0x1ed8  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\windows\System32\wwansvc.dll
16:02:12.0468 0x1ed8  WwanSvc - ok
16:02:12.0593 0x1ed8  X6va010 - ok
16:02:12.0650 0x1ed8  [ 64F88AF327AA74E03658AE32B48CCB8B, 52C8941D96F2EF89BBC4A4268DC59E5BC89AE2DAB199C13BBFF11C2606BE7FFA ] yukonw7         C:\windows\system32\DRIVERS\yk62x64.sys
16:02:12.0691 0x1ed8  yukonw7 - ok
16:02:12.0738 0x1ed8  ================ Scan global ===============================
16:02:12.0771 0x1ed8  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\windows\system32\basesrv.dll
16:02:12.0828 0x1ed8  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\windows\system32\winsrv.dll
16:02:12.0841 0x1ed8  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\windows\system32\winsrv.dll
16:02:12.0862 0x1ed8  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll
16:02:12.0913 0x1ed8  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\windows\system32\services.exe
16:02:12.0921 0x1ed8  [ Global ] - ok
16:02:12.0922 0x1ed8  ================ Scan MBR ==================================
16:02:12.0933 0x1ed8  [ 2E5DEBB2116B3417023E0D6562D7ED07 ] \Device\Harddisk0\DR0
16:02:14.0255 0x1ed8  \Device\Harddisk0\DR0 - ok
16:02:14.0255 0x1ed8  ================ Scan VBR ==================================
16:02:14.0275 0x1ed8  [ 170667D929E6F0C42741753F53E448EC ] \Device\Harddisk0\DR0\Partition1
16:02:14.0277 0x1ed8  \Device\Harddisk0\DR0\Partition1 - ok
16:02:14.0288 0x1ed8  [ CE44C208DDE347F9795D529740198873 ] \Device\Harddisk0\DR0\Partition2
16:02:14.0290 0x1ed8  \Device\Harddisk0\DR0\Partition2 - ok
16:02:14.0311 0x1ed8  [ B6F8D2AA6C7B0656C94BED1E8226AE3F ] \Device\Harddisk0\DR0\Partition3
16:02:14.0313 0x1ed8  \Device\Harddisk0\DR0\Partition3 - ok
16:02:14.0314 0x1ed8  ================ Scan generic autorun ======================
16:02:14.0314 0x1ed8  SynTPEnh - ok
16:02:14.0738 0x1ed8  [ C3DEFB0B48ED819E6C794E13D1544F19, BBB7B73FED61A5CCC391700D24B9EAF333528820B7697EEB010EBD9EC17FDF9E ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
16:02:15.0046 0x1ed8  RtHDVCpl - ok
16:02:15.0219 0x1ed8  [ C56AEF21A76A6E2BB36A384B2C96389F, A9C8B90631AB4BBFEAABDE3D854283C5073B8786A263B941FF631531F30B7F9A ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
16:02:15.0282 0x1ed8  NvBackend - ok
16:02:15.0317 0x1ed8  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\windows\system32\rundll32.exe
16:02:15.0346 0x1ed8  ShadowPlay - ok
16:02:15.0403 0x1ed8  [ 02A27FC0972181EF743160BE9F62F2B4, 0E5B5684E892B1CE83C8A50A23F8478E8D01E2DD283337B5B263FDA4C2654E9F ] C:\Program Files\iTunes\iTunesHelper.exe
16:02:15.0415 0x1ed8  iTunesHelper - ok
16:02:15.0486 0x1ed8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:02:15.0574 0x1ed8  Sidebar - ok
16:02:15.0612 0x1ed8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:02:15.0632 0x1ed8  mctadmin - ok
16:02:15.0663 0x1ed8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:02:15.0702 0x1ed8  Sidebar - ok
16:02:15.0708 0x1ed8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:02:15.0726 0x1ed8  mctadmin - ok
16:02:16.0475 0x1ed8  [ 47DBCC66CF9A3DCEF2D42051431160D3, 5E99CB8333471E80590AED8CA139EF859AD617D1C7BD9406913A86016DCA08F6 ] C:\Program Files\CCleaner\CCleaner64.exe
16:02:16.0671 0x1ed8  CCleaner Monitoring - ok
16:02:17.0107 0x1ed8  [ C7C42AC946E25EC04BC671516A347FF9, 03DCB98F1764862A0DFC1B3A6CD34BA583DA512E8E4556E891A228832C0F8DE1 ] C:\Users\Jonas\AppData\Local\Amazon Music\Amazon Music Helper.exe
16:02:17.0255 0x1ed8  Amazon Music - ok
16:02:17.0330 0x1ed8  icq - ok
16:02:17.0388 0x1ed8  [ B22CB67919EBAD88B0E8BB9CDA446010, 2F744FEAC48EDE7D6B6D2727F7DDFA80B26D9E3B0009741B00992B19AD85E128 ] C:\Windows\System32\StikyNot.exe
16:02:17.0456 0x1ed8  RESTART_STICKY_NOTES - ok
16:02:17.0585 0x1ed8  [ 71B8F5AD8CB230DD3ABA063701789CB1, A54E29953BD6D2F3303AF9514F05A1D394790B5ADB74FE833D9FA895AD61DFBF ] C:\Users\Jonas\AppData\Roaming\Spotify\SpotifyWebHelper.exe
16:02:17.0640 0x1ed8  Spotify Web Helper - ok
16:02:17.0900 0x1ed8  [ 1C9CA9D686B9E3F814AA0E77507C697E, 40B3E888C82A382FE3468320E7A290FCB5E4A148295FEAA487AC1C750D8676D9 ] C:\Users\Jonas\AppData\Roaming\Spotify\Spotify.exe
16:02:18.0074 0x1ed8  Spotify - ok
16:02:18.0164 0x1ed8  {517CC397-B22F-4593-8DCB-DE72CC541E9A} - ok
16:02:18.0214 0x1ed8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:02:18.0252 0x1ed8  Sidebar - ok
16:02:18.0273 0x1ed8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:02:18.0291 0x1ed8  mctadmin - ok
16:02:18.0292 0x1ed8  Waiting for KSN requests completion. In queue: 79
16:02:19.0292 0x1ed8  Waiting for KSN requests completion. In queue: 79
16:02:20.0292 0x1ed8  Waiting for KSN requests completion. In queue: 79
16:02:20.0963 0x10a8  Object required for P2P: [ 1C9CA9D686B9E3F814AA0E77507C697E ] C:\Users\Jonas\AppData\Roaming\Spotify\Spotify.exe
16:02:21.0292 0x1ed8  Waiting for KSN requests completion. In queue: 1
16:02:22.0292 0x1ed8  Waiting for KSN requests completion. In queue: 1
16:02:23.0292 0x1ed8  Waiting for KSN requests completion. In queue: 1
16:02:23.0749 0x10a8  Object send P2P result: true
16:02:24.0337 0x1ed8  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\wmiav.exe ( 15.0.2.361 ), 0x41010 ( enabled : outofdate )
16:02:24.0339 0x1ed8  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\wmiav.exe ( 15.0.2.361 ), 0x41010 ( enabled )
16:02:27.0119 0x1ed8  ============================================================
16:02:27.0119 0x1ed8  Scan finished
16:02:27.0119 0x1ed8  ============================================================
16:02:27.0130 0x11c0  Detected object count: 0
16:02:27.0130 0x11c0  Actual detected object count: 0

schrauber · 30.07.2015, 06:08

hi,

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

J3T · 30.07.2015, 12:02

Code:

ATTFilter

ComboFix 15-07-23.01 - Jonas 30.07.2015  12:28:05.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3957.1870 [GMT 2:00]
ausgeführt von:: c:\users\Jonas\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {179979E8-273D-D14E-0543-2861940E4886}
FW: Kaspersky Internet Security *Disabled* {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
SP: Kaspersky Internet Security *Disabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\kikin
c:\program files (x86)\kikin\default_settings.xml
c:\program files (x86)\kikin\file_list.txt
c:\program files (x86)\kikin\ie_kikin.dll
c:\program files (x86)\kikin\KikinBroker.exe
c:\program files (x86)\kikin\KikinCrashReporter.exe
c:\program files (x86)\kikin\uninst.exe
c:\users\Jonas\AppData\Local\lame_enc.dll
c:\users\Jonas\AppData\Local\no23xwrapper.dll
c:\users\Jonas\AppData\Local\ogg.dll
c:\users\Jonas\AppData\Local\vorbis.dll
c:\users\Jonas\AppData\Local\vorbisenc.dll
c:\users\Jonas\AppData\Local\vorbisfile.dll
c:\users\Jonas\AppData\Roaming\kikin
c:\users\Jonas\AppData\Roaming\kikin\ff_configuration.xml
c:\users\Jonas\AppData\Roaming\kikin\ff_kkes.xml
c:\users\Jonas\AppData\Roaming\kikin\ff_settings.xml
c:\users\Jonas\AppData\Roaming\kikin\ie_configuration.xml
c:\users\Jonas\AppData\Roaming\kikin\ie_kkes.xml
c:\users\Jonas\AppData\Roaming\kikin\ie_settings.xml
c:\users\Jonas\AppData\Roaming\Microsoft\Windows\Recent\desktop_92560919.ico
D:\install.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-06-28 bis 2015-07-30  ))))))))))))))))))))))))))))))
.
.
2015-07-30 10:43 . 2015-07-30 10:43	--------	d-----w-	c:\users\Julia\AppData\Local\temp
2015-07-30 10:43 . 2015-07-30 10:43	--------	d-----w-	c:\users\DefaultAppPool\AppData\Local\temp
2015-07-29 22:17 . 2015-06-29 20:42	62792	----a-w-	c:\windows\system32\nvshext.dll
2015-07-29 22:17 . 2015-06-29 20:42	3522192	----a-w-	c:\windows\system32\nvsvc64.dll
2015-07-29 22:17 . 2015-06-29 20:42	932040	----a-w-	c:\windows\system32\nvvsvc.exe
2015-07-29 22:17 . 2015-06-29 20:42	6783304	----a-w-	c:\windows\system32\nvcpl.dll
2015-07-29 22:17 . 2015-06-29 20:42	385352	----a-w-	c:\windows\system32\nvmctray.dll
2015-07-29 22:17 . 2015-06-29 20:42	2558792	----a-w-	c:\windows\system32\nvsvcr.dll
2015-07-29 22:17 . 2015-06-29 11:02	4437364	----a-w-	c:\windows\system32\nvcoproc.bin
2015-07-29 22:16 . 2015-06-29 22:53	72904	----a-w-	c:\windows\system32\OpenCL.dll
2015-07-29 22:16 . 2015-06-29 22:53	60560	----a-w-	c:\windows\SysWow64\OpenCL.dll
2015-07-29 11:13 . 2015-07-29 11:13	--------	d-----w-	c:\programdata\Malwarebytes
2015-07-29 11:13 . 2015-07-29 13:57	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-07-29 11:13 . 2015-07-29 12:39	136408	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-07-29 11:09 . 2015-07-29 12:39	107736	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-07-29 10:55 . 2015-07-29 10:55	--------	d-----w-	c:\program files (x86)\VS Revo Group
2015-07-28 21:51 . 2015-07-28 21:51	--------	d-----w-	c:\users\Julia\AppData\Roaming\LolClient
2015-07-28 21:49 . 2015-07-28 21:50	--------	d-----w-	c:\users\Julia\AppData\Roaming\Riot Games
2015-07-28 20:51 . 2015-07-28 20:51	75888	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{AFD7214F-8B47-4965-9698-E0C4AD33208E}\offreg.5304.dll
2015-07-28 20:47 . 2015-07-28 20:47	--------	d-----w-	c:\program files (x86)\iTunes
2015-07-28 20:47 . 2015-07-28 20:47	--------	d-----w-	c:\program files\iPod
2015-07-28 20:47 . 2015-07-28 20:48	--------	d-----w-	c:\program files\iTunes
2015-07-28 11:09 . 2015-07-25 18:04	726528	----a-w-	c:\windows\system32\generaltel.dll
2015-07-28 11:09 . 2015-07-25 18:03	433664	----a-w-	c:\windows\system32\devinv.dll
2015-07-28 11:09 . 2015-07-25 18:04	765440	----a-w-	c:\windows\system32\invagent.dll
2015-07-28 11:09 . 2015-07-25 18:03	1085440	----a-w-	c:\windows\system32\appraiser.dll
2015-07-28 11:09 . 2015-07-25 18:03	67584	----a-w-	c:\windows\system32\acmigration.dll
2015-07-28 11:09 . 2015-07-25 17:55	1145856	----a-w-	c:\windows\system32\aeinv.dll
2015-07-28 11:09 . 2015-07-25 18:07	17856	----a-w-	c:\windows\system32\CompatTelRunner.exe
2015-07-28 11:09 . 2015-07-25 18:03	227328	----a-w-	c:\windows\system32\aepdu.dll
2015-07-28 11:09 . 2015-07-15 01:12	12222168	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{AFD7214F-8B47-4965-9698-E0C4AD33208E}\mpengine.dll
2015-07-28 00:43 . 2015-07-28 00:46	--------	d-----w-	C:\FRST
2015-07-21 17:44 . 2015-07-15 03:19	41984	----a-w-	c:\windows\system32\lpk.dll
2015-07-21 17:44 . 2015-07-15 03:19	100864	----a-w-	c:\windows\system32\fontsub.dll
2015-07-21 17:44 . 2015-07-15 03:19	14336	----a-w-	c:\windows\system32\dciman32.dll
2015-07-21 17:44 . 2015-07-15 03:19	46080	----a-w-	c:\windows\system32\atmlib.dll
2015-07-21 17:44 . 2015-07-15 02:55	70656	----a-w-	c:\windows\SysWow64\fontsub.dll
2015-07-21 17:44 . 2015-07-15 02:55	10240	----a-w-	c:\windows\SysWow64\dciman32.dll
2015-07-21 17:44 . 2015-07-15 02:55	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2015-07-21 17:44 . 2015-07-15 02:54	25600	----a-w-	c:\windows\SysWow64\lpk.dll
2015-07-21 17:44 . 2015-07-15 01:59	372224	----a-w-	c:\windows\system32\atmfd.dll
2015-07-21 17:44 . 2015-07-15 01:52	299008	----a-w-	c:\windows\SysWow64\atmfd.dll
2015-07-15 12:09 . 2015-06-09 18:03	3180544	----a-w-	c:\windows\system32\rdpcorets.dll
2015-07-15 12:06 . 2015-07-04 18:07	2087424	----a-w-	c:\windows\system32\ole32.dll
2015-07-10 17:28 . 2015-07-28 12:07	--------	d-----w-	C:\$Windows.~BT
2015-07-07 11:21 . 2015-07-07 11:24	--------	d-----w-	c:\users\Jonas\AppData\Roaming\HTC
2015-07-07 11:20 . 2015-07-30 10:48	--------	d-----w-	c:\users\Jonas\AppData\Local\HTC MediaHub
2015-07-07 11:20 . 2015-07-07 11:20	--------	d-----w-	c:\users\Jonas\.android
2015-07-07 11:20 . 2015-07-07 11:20	--------	d-----w-	c:\program files (x86)\Common Files\Nero
2015-07-07 11:19 . 2015-07-07 11:19	--------	d-----w-	c:\program files (x86)\Spirent Communications
2015-07-07 11:17 . 2015-07-07 11:19	--------	d-----w-	c:\program files (x86)\HTC
2015-07-07 11:17 . 2015-07-07 11:17	--------	d-----w-	c:\programdata\HTC
2015-07-05 17:00 . 2015-07-05 17:00	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2015-07-05 17:00 . 2015-07-05 17:00	159744	----a-w-	c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
2015-07-05 17:00 . 2015-07-05 17:00	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2015-07-05 17:00 . 2015-07-05 17:00	159744	----a-w-	c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
2015-07-05 17:00 . 2015-07-05 17:00	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2015-07-05 17:00 . 2015-07-05 17:00	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2015-07-05 17:00 . 2015-07-05 17:00	159744	----a-w-	c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
2015-07-05 17:00 . 2015-07-05 17:00	159744	----a-w-	c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
2015-07-05 17:00 . 2015-07-05 17:00	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2015-07-05 17:00 . 2015-07-05 17:00	159744	----a-w-	c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
2015-07-05 17:00 . 2015-07-05 17:00	--------	d-----w-	c:\program files (x86)\QuickTime
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-07-14 18:15 . 2012-04-16 10:49	778416	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-07-14 18:15 . 2011-05-16 14:32	142512	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-07-03 10:58 . 2014-10-22 19:13	225976	----a-w-	c:\windows\system32\drivers\klhk.sys
2015-07-03 06:43 . 2010-12-27 21:08	130333168	----a-w-	c:\windows\system32\MRT.exe
2015-06-24 15:52 . 2014-11-22 12:12	85360	----a-w-	c:\windows\system32\drivers\klwtp.sys
2015-06-24 15:52 . 2014-11-10 15:48	190648	----a-w-	c:\windows\system32\drivers\kneps.sys
2015-06-24 15:52 . 2014-10-10 15:02	39280	----a-w-	c:\windows\system32\drivers\klim6.sys
2015-06-24 15:52 . 2014-10-09 10:31	65208	----a-w-	c:\windows\system32\drivers\kltdi.sys
2015-06-24 15:52 . 2014-08-19 10:31	64368	----a-w-	c:\windows\system32\drivers\kldisk.sys
2015-06-24 15:52 . 2014-03-31 08:47	478392	----a-w-	c:\windows\system32\drivers\kl1.sys
2015-06-24 15:52 . 2013-04-12 12:34	24944	----a-w-	c:\windows\system32\drivers\klpd.sys
2015-06-23 21:49 . 2013-08-08 14:11	39280	----a-w-	c:\windows\system32\drivers\klmouflt.sys
2015-06-23 21:49 . 2014-10-30 02:22	40304	----a-w-	c:\windows\system32\drivers\klkbdflt.sys
2015-06-23 21:49 . 2014-12-13 16:21	850608	----a-w-	c:\windows\system32\drivers\klif.sys
2015-06-23 21:49 . 2014-11-28 16:19	159960	----a-w-	c:\windows\system32\drivers\klflt.sys
2015-06-23 21:49 . 2013-01-14 18:10	247016	----a-w-	c:\windows\system32\drivers\cm_km_w.sys
2015-06-23 11:30 . 2010-12-25 14:05	300704	------w-	c:\windows\system32\MpSigStub.exe
2015-06-16 22:23 . 2015-06-16 22:23	94208	----a-w-	c:\windows\SysWow64\QuickTimeVR.qtx
2015-06-16 22:23 . 2015-06-16 22:23	69632	----a-w-	c:\windows\SysWow64\QuickTime.qts
2015-05-25 18:24 . 2015-06-09 18:31	5569984	----a-w-	c:\windows\system32\ntoskrnl.exe
2015-05-25 18:21 . 2015-06-09 18:31	1728960	----a-w-	c:\windows\system32\ntdll.dll
2015-05-25 18:19 . 2015-06-09 18:31	243712	----a-w-	c:\windows\system32\wow64.dll
2015-05-25 18:19 . 2015-06-09 18:31	362496	----a-w-	c:\windows\system32\wow64win.dll
2015-05-25 18:19 . 2015-06-09 18:31	13312	----a-w-	c:\windows\system32\wow64cpu.dll
2015-05-25 18:19 . 2015-06-09 18:31	215040	----a-w-	c:\windows\system32\winsrv.dll
2015-05-25 18:19 . 2015-06-09 18:31	1255424	----a-w-	c:\windows\system32\diagtrack.dll
2015-05-25 18:19 . 2015-06-09 18:31	879104	----a-w-	c:\windows\system32\tdh.dll
2015-05-25 18:19 . 2015-06-09 18:31	503808	----a-w-	c:\windows\system32\srcore.dll
2015-05-25 18:19 . 2015-06-09 18:31	50176	----a-w-	c:\windows\system32\srclient.dll
2015-05-25 18:19 . 2015-06-09 18:31	113664	----a-w-	c:\windows\system32\sechost.dll
2015-05-25 18:19 . 2015-06-09 18:31	16384	----a-w-	c:\windows\system32\ntvdm64.dll
2015-05-25 18:19 . 2015-06-09 18:31	424960	----a-w-	c:\windows\system32\KernelBase.dll
2015-05-25 18:19 . 2015-06-09 18:31	1162752	----a-w-	c:\windows\system32\kernel32.dll
2015-05-25 18:18 . 2015-06-09 18:31	43520	----a-w-	c:\windows\system32\csrsrv.dll
2015-05-25 18:18 . 2015-06-09 18:31	879104	----a-w-	c:\windows\system32\advapi32.dll
2015-05-25 18:18 . 2015-06-09 18:31	404992	----a-w-	c:\windows\system32\tracerpt.exe
2015-05-25 18:18 . 2015-06-09 18:31	47104	----a-w-	c:\windows\system32\typeperf.exe
2015-05-25 18:18 . 2015-06-09 18:31	112640	----a-w-	c:\windows\system32\smss.exe
2015-05-25 18:18 . 2015-06-09 18:31	296960	----a-w-	c:\windows\system32\rstrui.exe
2015-05-25 18:18 . 2015-06-09 18:31	43008	----a-w-	c:\windows\system32\relog.exe
2015-05-25 18:18 . 2015-06-09 18:31	104448	----a-w-	c:\windows\system32\logman.exe
2015-05-25 18:18 . 2015-06-09 18:31	19456	----a-w-	c:\windows\system32\diskperf.exe
2015-05-25 18:18 . 2015-06-09 18:31	338432	----a-w-	c:\windows\system32\conhost.exe
2015-05-25 18:11 . 2015-06-09 18:31	6656	----a-w-	c:\windows\system32\apisetschema.dll
2015-05-25 18:11 . 2015-06-09 18:31	6144	---ha-w-	c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-25 18:11 . 2015-06-09 18:31	4608	---ha-w-	c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-25 18:11 . 2015-06-09 18:31	4608	---ha-w-	c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-25 18:11 . 2015-06-09 18:31	4096	---ha-w-	c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-25 18:11 . 2015-06-09 18:31	4096	---ha-w-	c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-25 18:11 . 2015-06-09 18:31	4096	---ha-w-	c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-25 18:11 . 2015-06-09 18:31	4096	---ha-w-	c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-25 18:11 . 2015-06-09 18:31	3584	---ha-w-	c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-25 18:11 . 2015-06-09 18:31	3584	---ha-w-	c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-25 18:11 . 2015-06-09 18:31	3584	---ha-w-	c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-25 18:11 . 2015-06-09 18:31	3584	---ha-w-	c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-25 18:11 . 2015-06-09 18:31	3584	---ha-w-	c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-25 18:11 . 2015-06-09 18:31	3584	---ha-w-	c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-25 18:11 . 2015-06-09 18:31	3072	---ha-w-	c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-25 18:11 . 2015-06-09 18:31	3072	---ha-w-	c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-25 18:11 . 2015-06-09 18:31	3072	---ha-w-	c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-25 18:11 . 2015-06-09 18:31	3072	---ha-w-	c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-25 18:11 . 2015-06-09 18:31	3072	---ha-w-	c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-25 18:11 . 2015-06-09 18:31	5120	---ha-w-	c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-25 18:11 . 2015-06-09 18:31	3584	---ha-w-	c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-25 18:11 . 2015-06-09 18:31	3072	---ha-w-	c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-25 18:11 . 2015-06-09 18:31	3072	---ha-w-	c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-25 18:11 . 2015-06-09 18:31	3072	---ha-w-	c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-25 18:11 . 2015-06-09 18:31	3072	---ha-w-	c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-25 18:11 . 2015-06-09 18:31	3072	---ha-w-	c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-25 18:11 . 2015-06-09 18:31	3072	---ha-w-	c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-25 18:11 . 2015-06-09 18:31	3072	---ha-w-	c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-25 18:11 . 2015-06-09 18:31	3072	---ha-w-	c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-25 18:07 . 2015-06-09 18:31	3989440	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2015-05-25 18:07 . 2015-06-09 18:31	3934144	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2015-05-25 18:04 . 2015-06-09 18:31	1310744	----a-w-	c:\windows\SysWow64\ntdll.dll
2015-05-25 18:01 . 2015-06-09 18:31	635392	----a-w-	c:\windows\SysWow64\tdh.dll
2015-05-25 18:01 . 2015-06-09 18:31	43008	----a-w-	c:\windows\SysWow64\srclient.dll
2015-05-25 18:01 . 2015-06-09 18:31	92160	----a-w-	c:\windows\SysWow64\sechost.dll
2015-05-25 18:01 . 2015-06-09 18:31	14336	----a-w-	c:\windows\SysWow64\ntvdm64.dll
2015-05-25 18:01 . 2015-06-09 18:31	641536	----a-w-	c:\windows\SysWow64\advapi32.dll
2015-05-25 18:01 . 2015-06-09 18:31	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2015-05-25 18:00 . 2015-06-09 18:31	40448	----a-w-	c:\windows\SysWow64\typeperf.exe
2015-05-25 18:00 . 2015-06-09 18:31	364544	----a-w-	c:\windows\SysWow64\tracerpt.exe
2015-05-25 18:00 . 2015-06-09 18:31	25600	----a-w-	c:\windows\SysWow64\setup16.exe
2015-05-25 18:00 . 2015-06-09 18:31	37888	----a-w-	c:\windows\SysWow64\relog.exe
2015-05-25 18:00 . 2015-06-09 18:31	82944	----a-w-	c:\windows\SysWow64\logman.exe
2015-05-25 18:00 . 2015-06-09 18:31	17408	----a-w-	c:\windows\SysWow64\diskperf.exe
2015-05-25 17:59 . 2015-06-09 18:31	5120	----a-w-	c:\windows\SysWow64\wow32.dll
2015-05-25 17:59 . 2015-06-09 18:31	274944	----a-w-	c:\windows\SysWow64\KernelBase.dll
2015-05-25 17:55 . 2015-06-09 18:31	6656	----a-w-	c:\windows\SysWow64\apisetschema.dll
2015-05-25 17:55 . 2015-06-09 18:31	5120	---ha-w-	c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2015-05-25 17:55 . 2015-06-09 18:31	4608	---ha-w-	c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-25 17:55 . 2015-06-09 18:31	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-25 17:55 . 2015-06-09 18:31	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2015-05-25 17:55 . 2015-06-09 18:31	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2015-05-25 17:55 . 2015-06-09 18:31	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-25 17:55 . 2015-06-09 18:31	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2015-05-25 17:55 . 2015-06-09 18:31	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-25 17:55 . 2015-06-09 18:31	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-25 17:55 . 2015-06-09 18:31	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2015-03-01 16:33	297128	----a-w-	c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-12-19 10:33	1729744	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-12-19 10:33	1729744	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-12-19 10:33	1729744	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-07-17 8418584]
"Amazon Music"="c:\users\Jonas\AppData\Local\Amazon Music\Amazon Music Helper.exe" [2014-12-08 6277952]
"icq"="c:\users\Jonas\AppData\Roaming\ICQM\icq.exe" [2015-01-23 36705800]
"Spotify Web Helper"="c:\users\Jonas\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2015-07-24 2017848]
"Spotify"="c:\users\Jonas\AppData\Roaming\Spotify\Spotify.exe" [2015-07-24 7574584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdatePSTShortCut"="c:\program files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe" [2010-01-11 210216]
"NortonOnlineBackup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-03-05 1112920]
"UCam_Menu"="c:\program files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2015-05-15 60712]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2014-04-03 450560]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 c2wts;Claims to Windows Token Service;c:\program files\Windows Identity Foundation\v3.5\c2wtshost.exe;c:\program files\Windows Identity Foundation\v3.5\c2wtshost.exe [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
R3 HtcVCom32;HTC Diagnostic Port;c:\windows\system32\DRIVERS\HtcVComV64.sys;c:\windows\SYSNATIVE\DRIVERS\HtcVComV64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 PVUSB;CESG502 64bit USB Driver;c:\windows\system32\DRIVERS\CESG64.sys;c:\windows\SYSNATIVE\DRIVERS\CESG64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys;c:\windows\SYSNATIVE\drivers\ScreamingBAudio64.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 Te.Service;Te.Service;c:\program files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe;c:\program files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [x]
R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys;c:\windows\SYSNATIVE\DRIVERS\teamviewervpn.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 utmyntm5;AVZ Kernel Driver;c:\windows\system32\Drivers\utmyntm5.sys;c:\windows\SYSNATIVE\Drivers\utmyntm5.sys [x]
R3 VsEtwService120;Visual Studio ETW Event Collection Service;c:\program files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe;c:\program files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [x]
R3 X6va010;X6va010;c:\windows\SysWOW64\Drivers\X6va010;c:\windows\SysWOW64\Drivers\X6va010 [x]
S0 cm_km_w;Kaspersky Lab Crypto Module (FDE PDK);c:\windows\system32\DRIVERS\cm_km_w.sys;c:\windows\SYSNATIVE\DRIVERS\cm_km_w.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 klhk;klhk;c:\windows\system32\DRIVERS\klhk.sys;c:\windows\SYSNATIVE\DRIVERS\klhk.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 klpd;klpd;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 Klwtp;Klwtp;c:\windows\system32\DRIVERS\klwtp.sys;c:\windows\SYSNATIVE\DRIVERS\klwtp.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys;c:\windows\SYSNATIVE\Drivers\SABI.sys [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 AVP15.0.2;Kaspersky Anti-Virus Service 15.0.2;c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe [x]
S2 ClickToRunSvc;Microsoft Office-Klick-und-Los-Dienst;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 HTCMonitorService;HTCMonitorService;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [x]
S2 IpOverUsbSvc;Windows Phone IP over USB Transport (IpOverUsbSvc);c:\program files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe;c:\program files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [x]
S2 kldisk;kldisk;c:\windows\system32\DRIVERS\kldisk.sys;c:\windows\SYSNATIVE\DRIVERS\kldisk.sys [x]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe service;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe service [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
S2 Rezip;Rezip;c:\windows\SysWOW64\Rezip.exe;c:\windows\SysWOW64\Rezip.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 klflt;Kaspersky Lab Kernel DLL;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 TotRec8;Total Recorder WDM audio filter driver;c:\windows\system32\drivers\TotRec8.sys;c:\windows\SYSNATIVE\drivers\TotRec8.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs	REG_MULTI_SZ   	w3svc was
apphost	REG_MULTI_SZ   	apphostsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-07-24 18:58	995144	----a-w-	c:\program files (x86)\Google\Chrome\Application\44.0.2403.107\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-07-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-16 18:15]
.
2011-11-01 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2917951037-2729683539-371938882-1001Core.job
- c:\users\Jonas\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-02 16:42]
.
2011-11-01 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2917951037-2729683539-371938882-1001UA.job
- c:\users\Jonas\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-02 16:42]
.
2015-07-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-24 20:00]
.
2015-07-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-24 20:00]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2015-03-01 15:10	357376	----a-w-	c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-12-19 10:34	2334928	----a-w-	c:\program files\Microsoft Office 15\root\office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-12-19 10:34	2334928	----a-w-	c:\program files\Microsoft Office 15\root\office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-12-19 10:34	2334928	----a-w-	c:\program files\Microsoft Office 15\root\office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10	164760	----a-w-	c:\users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10	164760	----a-w-	c:\users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10	164760	----a-w-	c:\users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10	164760	----a-w-	c:\users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10	164760	----a-w-	c:\users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10	164760	----a-w-	c:\users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10	164760	----a-w-	c:\users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10	164760	----a-w-	c:\users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-03-29 13513288]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-07-25 2403104]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-07-25 1283136]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-07-11 170280]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
uDefault_Search_URL = 
mDefault_Search_URL = 
mStart Page = about:blank
mSearch Page = www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
mSearch Bar = 
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = about:blank
mSearchAssistant = about:blank
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files (x86)\ICQ7M\ICQ.exe
IE: {{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - {E601996F-E400-41CA-804B-CD6373A7EEE2} - c:\program files (x86)\kikin\ie_kikin.dll
IE: {{5547CE1F-74E9-41E5-9CBF-5211ECC37341} - {BB7DC12B-C59D-4138-AD28-BBB65DE62A3B} - c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
TCP: DhcpNameServer = 192.168.178.1
TCP: Interfaces\{D2C2A8AD-0813-4195-8EBC-EF4AAE2F45FA}: NameServer = 8.8.4.4,8.8.8.8
FF - ProfilePath - c:\users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2856453&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - google.de|hxxp://www.giga.de/androidnews/
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: extensions.delta.tlbrSrchUrl - 
FF - user.js: extensions.delta.id - 086d89640000000000005cac4c6773d7
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15891
FF - user.js: extensions.delta.vrsn - 1.8.21.5
FF - user.js: extensions.delta.vrsni - 1.8.21.5
FF - user.js: extensions.delta.vrsnTs - 1.8.21.515:41
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - de
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=119820&tt=040713_ctrl&tsp=4934
FF - user.js: extensions.delta_i.babExt - 
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
FF - user.js: extensions.shownSelectionUI - true
FF - user.js: plugin.state.npcontentblocker - 2
FF - user.js: plugin.state.nponlinebanking - 2
FF - user.js: plugin.state.npvkplugin - 2
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{E601996F-E400-41CA-804B-CD6373A7EEE2} - c:\program files (x86)\kikin\ie_kikin.dll
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA} - c:\program files (x86)\kikin\uninst.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BFE]
"ImagePath"="."
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MpsSvc]
"ImagePath"="."
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va010]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va010"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2917951037-2729683539-371938882-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-2917951037-2729683539-371938882-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-2917951037-2729683539-371938882-1001\Software\SecuROM\License information*]
"datasecu"=hex:f8,cb,db,84,b0,30,d6,c2,7f,51,7b,c3,db,49,5a,42,45,29,df,51,f3,
   e8,b3,1f,90,fe,71,c4,80,20,3a,90,05,e7,fc,6c,94,c4,98,64,ab,29,31,6e,ab,c1,\
"rkeysecu"=hex:c2,7f,8d,81,77,92,fd,78,05,d4,b6,12,24,eb,52,d3
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_209_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_209_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_209_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_209_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.18"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DbgagD\1*]
"value"="?\07\06\07\0d\12(?"
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
c:\program files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
c:\program files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
c:\program files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-07-30  12:56:48 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-07-30 10:56
.
Vor Suchlauf: 13 Verzeichnis(se), 51.277.938.688 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 51.794.558.976 Bytes frei
.
- - End Of File - - 6E5C38DE8B0EF4B7F9B05880117E1B7C

schrauber · 31.07.2015, 08:33

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

J3T · 31.07.2015, 15:42

Bei MBAM gab es in den Anwendungsprotokollen nur "Schutzlog" und "Suchlaufprotokoll", hier das Suchprotokoll, welches ich allerdings aufteilen muss, weil es zu lang ist.

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 31.07.2015
Suchlaufzeit: 14:19
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.07.31.04
Rootkit-Datenbank: v2015.07.30.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Jonas

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 621057
Abgelaufene Zeit: 59 Min., 43 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 14
PUP.Optional.Delta.ShrtCln, HKLM\SOFTWARE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, In Quarantäne, [f15fb2360d7dc86e2153f1d550b255ab], 
PUP.Optional.Delta.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, In Quarantäne, [f15fb2360d7dc86e2153f1d550b255ab], 
PUP.Optional.Delta.ShrtCln, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, In Quarantäne, [f15fb2360d7dc86e2153f1d550b255ab], 
PUP.Optional.Babylon.A, HKU\S-1-5-21-2917951037-2729683539-371938882-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, In Quarantäne, [aaa60fd9395144f22372335bcf3308f8], 
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\WOW6432NODE\DataMngr, In Quarantäne, [95bb90584644999dd97ff94b689bd22e], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\Iminent, In Quarantäne, [212f41a79befdc5a70d51f3a0cf7ae52], 
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SweetIM, In Quarantäne, [7bd534b41e6c7cba58f931f4cd369967], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\jbpkiefagocgkmemidfngdkamloieekf, In Quarantäne, [aaa628c0becc6dc9a312182635cea957], 
PUP.Optional.Conduit.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}, In Quarantäne, [1b35ffe9f892999dd2e41df8a85b649c], 
PUP.Optional.1ClickDownload.A, HKU\S-1-5-21-2917951037-2729683539-371938882-1001\SOFTWARE\1ClickDownload, In Quarantäne, [64ecd90f35558fa70a01036b8282dc24], 
PUP.Optional.SweetIM.A, HKU\S-1-5-21-2917951037-2729683539-371938882-1001\SOFTWARE\SweetIM, In Quarantäne, [78d874749af0999d212f879e35ceae52], 
PUP.Optional.SuperOptimizer.C, HKU\S-1-5-21-2917951037-2729683539-371938882-1001\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, In Quarantäne, [52fe0bdd8ffb71c5e13a7a26bc4803fd], 
PUP.Optional.FilesFrog.A, HKU\S-1-5-21-2917951037-2729683539-371938882-1001\SOFTWARE\BI, In Quarantäne, [1b3557912169c07648d82d45897bcb35], 
PUP.Optional.Conduit.A, HKU\S-1-5-21-2917951037-2729683539-371938882-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}, In Quarantäne, [7dd3f5f3b3d79d991a9d31e4d13220e0], 

Registrierungswerte: 5
PUP.Optional.Conduit.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{afdbddaa-5d3f-42ee-b79c-185a7020515b}|URL, hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091, In Quarantäne, [1b35ffe9f892999dd2e41df8a85b649c]
PUP.Optional.FilesFrog.A, HKU\S-1-5-21-2917951037-2729683539-371938882-1001\SOFTWARE\BI|ui_path_filesfrog, HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker, In Quarantäne, [1b3557912169c07648d82d45897bcb35]
PUP.Optional.Delta.ShrtCln, HKU\S-1-5-21-2917951037-2729683539-371938882-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}|URL, hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=086D5CAC4C6773D7&affID=119820&tt=040713_ctrl&tsp=4934, In Quarantäne, [d27e8c5cafdbd066ebcb8f0509fba25e]
PUP.Optional.Babylon.A, HKU\S-1-5-21-2917951037-2729683539-371938882-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}|FaviconURL, search.babylon.com/favicon.ico, In Quarantäne, [133d24c46b1f5ed86efe34dd739055ab]
PUP.Optional.Conduit.A, HKU\S-1-5-21-2917951037-2729683539-371938882-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{afdbddaa-5d3f-42ee-b79c-185a7020515b}|URL, hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091, In Quarantäne, [7dd3f5f3b3d79d991a9d31e4d13220e0]

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 131
PUP.Optional.OptimizerPro.A, C:\Users\Jonas\Documents\Optimizer Pro, In Quarantäne, [65ebe8008109e74f4b9039648f75dd23], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\logic, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\logic\uninstall, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\logic\uninstall\dialog, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\logic\uninstall\dialog\css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\logic\uninstall\dialog\images, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\logic\uninstall\dialog\js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\aboutBox, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\aboutBox\images, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\aboutBox\js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ac, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ac\css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ac\img, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ac\res, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\api, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\msd, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\options, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\options\css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\options\images, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\options\js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\options\js\resources, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\sp, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\sp\js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\sp\spbd, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\sp\spbd\images, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\sp\spsd, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\sp\spsd\images, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\dlg, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\dlg\ftd, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\dlg\ftd\images, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\dlg\restart, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\dlg\restart\images, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\gadgetFrame, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\gf, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\gf\css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\gf\img, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\gf\js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\menu, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\menu\css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\menu\img, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\menu\js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\APPLICATION_BUTTON, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\APPLICATION_BUTTON\Js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\APPLICATION_BUTTON\resources, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\EMAIL_NOTIFIER, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\EMAIL_NOTIFIER\css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\EMAIL_NOTIFIER\js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\HIGHLIGHTER, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\HIGHLIGHTER\css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\HIGHLIGHTER\js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\MULTI_RSS, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\MULTI_RSS\css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\MULTI_RSS\img, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\MULTI_RSS\js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\MULTI_RSS\js\resources, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION\css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION\images, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION\images\dark, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION\images\light, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION\js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\Optimizer, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\Optimizer\js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\PRICE_GONG, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\PRICE_GONG\agreement, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\PRICE_GONG\css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\PRICE_GONG\css\custom-theme, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\PRICE_GONG\images, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\RADIO_PLAYER, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\RADIO_PLAYER\css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\RADIO_PLAYER\css\custom-theme, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\RADIO_PLAYER\js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\RADIO_PLAYER\js\resources, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\SEARCH, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\SEARCH\buildSettings, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\SEARCH\Css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\SEARCH\js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\SEARCH\resources, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\SEARCH\view, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\SEARCH\view\script, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\SEARCH\view\style, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\SEARCH\view\style\rsx, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\TWITTER, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\TWITTER\img, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\TWITTER\js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\WEATHER, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\WEATHER\css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\WEATHER\js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\core, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\lib, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\lib\jquery.alerts, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\lib\jquery.alerts\images, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\lib\jquery.jscrollpane, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\sl, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\test, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\test\toolbar, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\test\toolbar\js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\test\toolbar\lib, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\mam, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\ctypes, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\defaults, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\defaults\preferences, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\lib, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\META-INF, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\modules, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Plugins, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.TornTV.A, C:\Program Files (x86)\TornTV.com, In Quarantäne, [321e6b7d44467eb8b86715cc5aa8f907], 
PUP.Optional.Conduit.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\engine@conduit.com, In Quarantäne, [f7596c7cb7d34de99b87b74fba4905fb], 
PUP.Optional.Conduit.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\engine@conduit.com\chrome, In Quarantäne, [f7596c7cb7d34de99b87b74fba4905fb], 
PUP.Optional.Conduit.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\engine@conduit.com\components, In Quarantäne, [f7596c7cb7d34de99b87b74fba4905fb], 
PUP.Optional.Conduit.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\engine@conduit.com\defaults, In Quarantäne, [f7596c7cb7d34de99b87b74fba4905fb], 
PUP.Optional.Conduit.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\engine@conduit.com\DualPackage, In Quarantäne, [f7596c7cb7d34de99b87b74fba4905fb], 
PUP.Optional.Conduit.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\engine@conduit.com\lib, In Quarantäne, [f7596c7cb7d34de99b87b74fba4905fb], 
PUP.Optional.Conduit.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\engine@conduit.com\META-INF, In Quarantäne, [f7596c7cb7d34de99b87b74fba4905fb], 
PUP.Optional.Conduit.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\engine@conduit.com\searchplugin, In Quarantäne, [f7596c7cb7d34de99b87b74fba4905fb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\conduit, In Quarantäne, [c0909a4e2d5d0f27522df813c93a2ed2], 
PUP.Optional.ConduitTB.Gen, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\conduit\alert, In Quarantäne, [c0909a4e2d5d0f27522df813c93a2ed2], 
PUP.Optional.ConduitTB.Gen, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\conduit\alert\Dialogs, In Quarantäne, [c0909a4e2d5d0f27522df813c93a2ed2], 
PUP.Optional.ConduitTB.Gen, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\conduit\alert\Dialogs\AppNotificationDialog, In Quarantäne, [c0909a4e2d5d0f27522df813c93a2ed2], 
PUP.Optional.ConduitTB.Gen, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\conduit\alert\Dialogs\AppNotificationDialog\Images, In Quarantäne, [c0909a4e2d5d0f27522df813c93a2ed2], 
PUP.Optional.ConduitTB.Gen, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\conduit\cachedIcons, In Quarantäne, [c0909a4e2d5d0f27522df813c93a2ed2], 
PUP.Optional.ConduitTB.Gen, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\conduit\facebook, In Quarantäne, [c0909a4e2d5d0f27522df813c93a2ed2],

J3T · 31.07.2015, 15:43

Zweiter Teil MBAM:

Code:

ATTFilter

Dateien: 461
PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro\OptimizerPro.exe, In Quarantäne, [470982668901d95d7cfa88a16b95a060], 
PUP.Optional.Giga, C:\Users\Jonas\Downloads\GS-Auto-Clicker-lnstall.exe, In Quarantäne, [86caae3a236770c6c5dc2dec4bbad32d], 
PUP.Optional.BProtector.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\bProtector_extensions.rdf, In Quarantäne, [084817d1b9d163d3446b7f93ed1612ee], 
PUP.Optional.TornTV.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\torntv@torntv.com.xpi, In Quarantäne, [361aa2468ffbac8a3d1672d5788bf50b], 
PUP.Optional.Babylon.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\searchplugins\babylon.xml, In Quarantäne, [9fb1b038ff8b2511db994b05937042be], 
PUP.Optional.Conduit.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\searchplugins\conduit.xml, In Quarantäne, [64ec7672c2c8ef4797fd56fabf44f907], 
PUP.Optional.Delta.ShrtCln, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\searchplugins\delta.xml, In Quarantäne, [6ce49751e4a67abc930a37198c77ce32], 
PUP.Optional.DVDVideoSoft.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi, In Quarantäne, [1d33e1071476ce68f19e9ef958ac05fb], 
PUP.Optional.OptimizerPro.A, C:\Users\Jonas\Documents\Optimizer Pro\CookiesException.txt, In Quarantäne, [65ebe8008109e74f4b9039648f75dd23], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\chrome.manifest, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\install.rdf, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\sspv.txt, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\version.txt, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\AbstractionLayer.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\AbstractionLayerBack.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\AbstractionLayerFront.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\BrowserContextMenuManager.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\popup.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\popup.xul, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\popupTransparent.xul, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\preferences.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\preferences.xul, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\toolbaroverlay.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\toolbaroverlay.xul, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tooltips.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\version.xul, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\logic\autoComplete.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\logic\priceGongMigration.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\logic\uninstall\dialog\MozillaRetentionDialog.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\logic\uninstall\dialog\RetentionDialog.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\logic\uninstall\dialog\css\MozillaRetentionDialog.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\logic\uninstall\dialog\css\RetentionDialog.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\logic\uninstall\dialog\images\2.0--spec--kicker.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\logic\uninstall\dialog\images\content-pattern.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\logic\uninstall\dialog\images\content-sep.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\logic\uninstall\dialog\images\OK-Button-Default.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\logic\uninstall\dialog\images\OK-Button-MouseOver.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\logic\uninstall\dialog\images\OK-Button-OnClick.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\logic\uninstall\dialog\images\x.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\logic\uninstall\dialog\js\MozillaRetentionDialog.view.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\logic\uninstall\dialog\js\RetentionDialog.view.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\backstage.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\version.txt, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\al.view.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\aboutBox\aboutBox.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\aboutBox\images\logo.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\aboutBox\images\OK-Button-Default.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\aboutBox\images\OK-Button-MouseOver.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\aboutBox\images\OK-Button-OnClick.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\aboutBox\images\truste.gif, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\aboutBox\images\x.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\aboutBox\js\aboutBox.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ac\appManager.controller.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ac\appManager.model.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ac\appManager.view.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ac\css\toolbar.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ac\img\ajax-loader.gif, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ac\img\buttonSprites.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ac\img\chevron_sprites.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ac\img\fallback24.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ac\img\ie8_mouseover_button.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ac\img\ie8_onclick_button.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ac\img\loader-icon.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ac\img\menu_arrow.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ac\img\minibrowser.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ac\img\minibrowser24.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ac\img\mp_sprites.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ac\img\new_chevron_sprites.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ac\img\rounded_corners_left_transparent.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ac\img\rounded_corners_left_white.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ac\img\rounded_corners_left_white_34.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ac\img\rounded_corners_right_transparent.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ac\img\rounded_corners_right_white.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ac\img\rounded_corners_right_white_34.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ac\img\separator.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ac\img\separator_hover.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ac\img\uus.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ac\res\yoxscroll.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\api\toolbarapi.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\api\webAppApi.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\api\webAppApiFront.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\msd\excanvas.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\msd\trusted.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\msd\trusted.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\msd\untrusted.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\msd\untrusted.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\msd\untrusted.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\options\options.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\options\css\jquery.jscrollpane.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\options\css\options.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\options\css\reset.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\options\images\bg-hide-click.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\options\images\bg-hide.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\options\images\checkbox-check-off.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\options\images\checkbox-check-on.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\options\images\ic_Closer.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\options\images\ic_Closer_hover.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\options\images\logo.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\options\images\minibrowser.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\options\images\scroller.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\options\images\sprite-ok-button.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\options\images\truste.gif, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\options\images\x.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\options\js\html5SupportIe.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\options\js\options.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\options\js\resources\html5shiv.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\options\js\resources\jquery.jscrollpane.min.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\options\js\resources\jquery.mousewheel.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\sp\js\searchProtectorManager.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\sp\spbd\bubble.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\sp\spbd\bubble.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\sp\spbd\main.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\sp\spbd\images\information.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\sp\spbd\images\x-default-LTR.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\sp\spbd\images\x-default-RTL.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\sp\spbd\images\x-mouseover-LTR.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\sp\spbd\images\x-mouseover-RTL.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\sp\spsd\main.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\sp\spsd\SearchProtector.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\sp\spsd\settings.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\sp\spsd\images\ok-button.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\sp\spsd\images\separation-line.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\sp\spsd\images\warning.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\menus.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\popups.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\dlg\DialogsAPI.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\dlg\excanvas.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\dlg\generalDialogStyle.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\dlg\PIE.htc, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\dlg\settings.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\dlg\ftd\main.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\dlg\ftd\ToolbarFirstTimeDialog.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\dlg\ftd\ToolbarFirstTimeDialog.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\dlg\ftd\images\app-store-icon.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\dlg\ftd\images\arrow.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\dlg\ftd\images\dialog_tip_left.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\dlg\ftd\images\dialog_tip_right.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\dlg\ftd\images\divider.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\dlg\ftd\images\emailNotifier.gif, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\dlg\ftd\images\facebook.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\dlg\ftd\images\radio.GIF, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\dlg\ftd\images\Thumbs.db, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\dlg\ftd\images\truste_welcome.GIF, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\dlg\ftd\images\weather.GIF, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\dlg\restart\main.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\dlg\restart\restartDialog.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\dlg\restart\restartDialog.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\dlg\restart\images\2.0--spec--kicker.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\dlg\restart\images\content-pattern.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\dlg\restart\images\content-sep.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\dlg\restart\images\OK-Button-Default.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\dlg\restart\images\OK-Button-MouseOver.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\dlg\restart\images\OK-Button-OnClick.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\dlg\restart\images\x.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\gadgetFrame\gf.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\gadgetFrame\lgf.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\gf\gf.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\gf\lgf.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\gf\css\gf.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\gf\css\gf_ie.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\gf\img\ie_back.gif, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\gf\img\loader.gif, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\gf\img\resize.gif, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\gf\img\sprites.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\gf\js\gf.view.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\gf\js\lgf.view.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\menu\popup.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\menu\css\menu.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\menu\img\arrow-down-strong.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\menu\img\arrow-down.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\menu\img\arrow-left-strong.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\menu\img\arrow-left.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\menu\img\arrow-right-strong.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\menu\img\arrow-right.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\menu\img\arrows.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\menu\js\jquery.ellipsis.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\menu\js\jquery.scrollTo-1.4.2-min.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\menu\js\menu.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\menu\js\renderHandler.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\menu\js\scrollers.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\ui\menu\js\showHandler.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\browserAppApi.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\APPLICATION_BUTTON\bgpage.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\APPLICATION_BUTTON\Js\bgpage.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\APPLICATION_BUTTON\resources\defaultEngineImage.gif, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\EMAIL_NOTIFIER\bgPage.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\EMAIL_NOTIFIER\popup.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\EMAIL_NOTIFIER\css\en.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\EMAIL_NOTIFIER\css\en_rtl.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\EMAIL_NOTIFIER\css\jquery.jscrollpane.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\EMAIL_NOTIFIER\js\AccountManager.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\EMAIL_NOTIFIER\js\bgPage.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\EMAIL_NOTIFIER\js\EN.model.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\EMAIL_NOTIFIER\js\IMAPExecuter.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\EMAIL_NOTIFIER\js\Inboxer.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\EMAIL_NOTIFIER\js\Invoker.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\EMAIL_NOTIFIER\js\MailDecoder.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\EMAIL_NOTIFIER\js\MailMerger.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\EMAIL_NOTIFIER\js\POP3Executer.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\EMAIL_NOTIFIER\js\Popup.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\EMAIL_NOTIFIER\js\providerHelper.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\EMAIL_NOTIFIER\js\Providers.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\EMAIL_NOTIFIER\js\SettingsManager.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\EMAIL_NOTIFIER\js\Timer.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\EMAIL_NOTIFIER\js\Translation.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\EMAIL_NOTIFIER\js\Utils.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\HIGHLIGHTER\bgpage.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\HIGHLIGHTER\embedded.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\HIGHLIGHTER\popup.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\HIGHLIGHTER\css\embedded.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\HIGHLIGHTER\css\popup.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\HIGHLIGHTER\css\reset.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\HIGHLIGHTER\js\bgpage.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\HIGHLIGHTER\js\embedded.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\HIGHLIGHTER\js\higlighter_script.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\HIGHLIGHTER\js\popup.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\MULTI_RSS\bgpage.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\MULTI_RSS\popup.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\MULTI_RSS\css\popup.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\MULTI_RSS\img\arrows.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\MULTI_RSS\img\badges.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\MULTI_RSS\img\icons.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\MULTI_RSS\js\bgpage.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\MULTI_RSS\js\popup.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\MULTI_RSS\js\resources\webAppUtils.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION\bgpage.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION\embedded.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION\NotificationPopup.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION\Settings.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION\css\gadget.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION\css\general.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION\css\Main.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION\css\newMain.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION\css\settings.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION\css\ui.stepper.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION\images\closeIcon.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION\images\downArrow.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION\images\settingsIcon.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION\images\upArrow.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION\images\dark\close.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION\images\dark\Next.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION\images\dark\Next_hover.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION\images\dark\powered-by.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION\images\dark\Prev.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION\images\dark\Prev_hover.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION\images\dark\settings.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION\images\light\close.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION\images\light\Next.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION\images\light\Next_hover.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION\images\light\powered-by.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION\images\light\Prev.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION\images\light\Prev_hover.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION\images\light\settings.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION\js\AppName.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION\js\bgpage.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION\js\bgpageEarly.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION\js\commons.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION\js\jquery.ezmark.min.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION\js\notification.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION\js\NotificationSettings.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION\js\notificationUIManger.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION\js\Settings.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION\js\stepper.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\NOTIFICATION\js\ToolbarAndAppsSettings.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\Optimizer\bgpage.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\Optimizer\js\bgpage.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\PRICE_GONG\bgpage.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\PRICE_GONG\bgpage.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\PRICE_GONG\pg_offers.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\PRICE_GONG\pg_offers.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\PRICE_GONG\agreement\agree.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\PRICE_GONG\agreement\agree.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\PRICE_GONG\agreement\Close.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\PRICE_GONG\agreement\Image.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\PRICE_GONG\agreement\Logo.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\PRICE_GONG\agreement\OK_Btn.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\PRICE_GONG\agreement\Topbg.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\PRICE_GONG\css\gadget.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\PRICE_GONG\css\ie7styles.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\PRICE_GONG\css\iestyle.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\PRICE_GONG\css\custom-theme\jquery-ui-1.8.10.custom.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\PRICE_GONG\images\icon.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\RADIO_PLAYER\bgpage.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\RADIO_PLAYER\embedded.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\RADIO_PLAYER\popup2.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\RADIO_PLAYER\css\gadget.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\RADIO_PLAYER\css\jquery.jscrollpane.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\RADIO_PLAYER\css\reset.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\RADIO_PLAYER\css\stations.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\RADIO_PLAYER\css\custom-theme\jquery-ui-1.8.10.custom.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\RADIO_PLAYER\js\bgpage.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\RADIO_PLAYER\js\bgpageEarly.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\RADIO_PLAYER\js\embedded.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\RADIO_PLAYER\js\embeddedEarly.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\RADIO_PLAYER\js\localization.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\RADIO_PLAYER\js\player.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\RADIO_PLAYER\js\popup.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\RADIO_PLAYER\js\resources\BrowserDetect.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\RADIO_PLAYER\js\resources\jquery-ui-1.8.10.custom.min.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\RADIO_PLAYER\js\resources\jquery.jscrollpane.min.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\RADIO_PLAYER\js\resources\jquery.scrollTo-1.4.2-min.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\RADIO_PLAYER\js\resources\radioCommon.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\RADIO_PLAYER\js\resources\system.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\RADIO_PLAYER\js\resources\utils.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\SEARCH\bgpage.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\SEARCH\embedded.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\SEARCH\information.popup.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\SEARCH\buildSettings\SearchApp_Ant.xml, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\SEARCH\Css\information.popup.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\SEARCH\js\bgpage.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\SEARCH\js\common.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\SEARCH\js\contentManager.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\SEARCH\js\historyProvider.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\SEARCH\js\information.popup.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\SEARCH\js\layoutManager.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\SEARCH\js\searchListener.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\SEARCH\js\selectionListener.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\SEARCH\js\suggestProvider.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\SEARCH\resources\history--x-default.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\SEARCH\resources\history--x-mouseover.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\SEARCH\resources\menu.icon.apps.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\SEARCH\view\script\view.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\SEARCH\view\style\default.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\SEARCH\view\style\rsx\dd-arrow.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\SEARCH\view\style\rsx\ie8.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\TWITTER\bgpage.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\TWITTER\popup.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\TWITTER\popup.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\TWITTER\img\icons.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\TWITTER\img\inbox.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\TWITTER\img\scroll_down.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\TWITTER\img\scroll_up.png, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\TWITTER\js\bgpage.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\TWITTER\js\localization.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\TWITTER\js\popup.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\WEATHER\bgpage.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\WEATHER\popup.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\WEATHER\css\gadget.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\WEATHER\css\ie7styles.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\WEATHER\css\iestyle.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\WEATHER\js\bgpage.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\WEATHER\js\common.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\WEATHER\js\date-functions.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\WEATHER\js\gadget.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\WEATHER\js\jquery.autocomplete.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\WEATHER\js\jquery.textshadow.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\WEATHER\js\logic.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\WEATHER\js\main.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\al\wa\WEATHER\js\xPath.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\core\corelibs.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\core\framework.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\core\utils.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\lib\al.view.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\lib\al.viewPerformanceLog.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\lib\background.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\lib\ie_fix.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\lib\jquery.min.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\lib\jquery.mousewheel.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\lib\jquery.text-overflow.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\lib\jquery.tmpl.min.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\lib\jquery.xml2json.custom.min.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\lib\jquery.xml2json.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\lib\json2.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\lib\json2.min.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\lib\script2injectEmbedded.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\lib\script2injectPopup.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\lib\sdk.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\lib\jquery.alerts\jquery.alerts.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\lib\jquery.alerts\jquery.alerts.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\lib\jquery.alerts\images\help.gif, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\lib\jquery.alerts\images\important.gif, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\lib\jquery.alerts\images\info.gif, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\lib\jquery.alerts\images\title.gif, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\lib\jquery.jscrollpane\jquery.jscrollpane.css, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\lib\jquery.jscrollpane\jquery.jscrollpane.min.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\tb\sl\serviceLayer.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\test\toolbar\backstage.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\test\toolbar\frontstage.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\test\toolbar\navigationTests.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\test\toolbar\popup.html, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\test\toolbar\js\framework.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\test\toolbar\lib\jquery-1.4.1.min.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\test\toolbar\lib\jquery-1.5.min.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\test\toolbar\lib\jquery-1.6.2.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\test\toolbar\lib\json2.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\test\toolbar\lib\LAB.min.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\test\toolbar\lib\log4javascript.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Chrome\CT2504091\content\test\toolbar\lib\log4javascriptStub4Release.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\autoCompleteManager.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\mam\mamModule.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\defaults\preferences\defaults.js, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\lib\log4conduit.jsm, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\lib\log4moz.jsm, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\META-INF\manifest.mf, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\META-INF\zigbert.rsa, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\META-INF\zigbert.sf, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\modules\BackStage.jsm, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\modules\Commons.jsm, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\modules\FrontStage.jsm, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Plugins\np-mswmp.dll, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.VuzeRemoteTB.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\Plugins\npFirefoxPlugin.dll, In Quarantäne, [ec648b5d14764aec85ff8d5382800ef2], 
PUP.Optional.Conduit.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\engine@conduit.com\chrome.manifest, In Quarantäne, [f7596c7cb7d34de99b87b74fba4905fb], 
PUP.Optional.Conduit.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\engine@conduit.com\install.rdf, In Quarantäne, [f7596c7cb7d34de99b87b74fba4905fb], 
PUP.Optional.Conduit.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\engine@conduit.com\version.txt, In Quarantäne, [f7596c7cb7d34de99b87b74fba4905fb], 
PUP.Optional.Conduit.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\engine@conduit.com\chrome\conduitengine.jar, In Quarantäne, [f7596c7cb7d34de99b87b74fba4905fb], 
PUP.Optional.Conduit.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\engine@conduit.com\components\ConduitAutoCompleteSearch.js, In Quarantäne, [f7596c7cb7d34de99b87b74fba4905fb], 
PUP.Optional.Conduit.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\engine@conduit.com\components\ConduitAutoCompleteSearch.xpt, In Quarantäne, [f7596c7cb7d34de99b87b74fba4905fb], 
PUP.Optional.Conduit.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\engine@conduit.com\components\ConduitToolbar.idl, In Quarantäne, [f7596c7cb7d34de99b87b74fba4905fb], 
PUP.Optional.Conduit.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\engine@conduit.com\components\ConduitToolbar.js, In Quarantäne, [f7596c7cb7d34de99b87b74fba4905fb], 
PUP.Optional.Conduit.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\engine@conduit.com\components\ConduitToolbar.xpt, In Quarantäne, [f7596c7cb7d34de99b87b74fba4905fb], 
PUP.Optional.Conduit.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\engine@conduit.com\components\RadioWMPCore.dll, In Quarantäne, [f7596c7cb7d34de99b87b74fba4905fb], 
PUP.Optional.Conduit.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\engine@conduit.com\components\RadioWMPCore.xpt, In Quarantäne, [f7596c7cb7d34de99b87b74fba4905fb], 
PUP.Optional.Conduit.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll, In Quarantäne, [f7596c7cb7d34de99b87b74fba4905fb], 
PUP.Optional.Conduit.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\engine@conduit.com\defaults\alertSettingsComponent.xml, In Quarantäne, [f7596c7cb7d34de99b87b74fba4905fb], 
PUP.Optional.Conduit.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\engine@conduit.com\defaults\appContextMenu.xml, In Quarantäne, [f7596c7cb7d34de99b87b74fba4905fb], 
PUP.Optional.Conduit.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\engine@conduit.com\defaults\engineContextMenu.xml, In Quarantäne, [f7596c7cb7d34de99b87b74fba4905fb], 
PUP.Optional.Conduit.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\engine@conduit.com\defaults\engineSettings.json, In Quarantäne, [f7596c7cb7d34de99b87b74fba4905fb], 
PUP.Optional.Conduit.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\engine@conduit.com\defaults\fbAlert.js, In Quarantäne, [f7596c7cb7d34de99b87b74fba4905fb], 
PUP.Optional.Conduit.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\engine@conduit.com\defaults\getAppsContextMenu.xml, In Quarantäne, [f7596c7cb7d34de99b87b74fba4905fb], 
PUP.Optional.Conduit.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\engine@conduit.com\defaults\postAppsContextMenu.xml, In Quarantäne, [f7596c7cb7d34de99b87b74fba4905fb], 
PUP.Optional.Conduit.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\engine@conduit.com\defaults\toolbarContextMenu.xml, In Quarantäne, [f7596c7cb7d34de99b87b74fba4905fb], 
PUP.Optional.Conduit.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\engine@conduit.com\defaults\unsharedAppsContextMenu.xml, In Quarantäne, [f7596c7cb7d34de99b87b74fba4905fb], 
PUP.Optional.Conduit.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\engine@conduit.com\DualPackage\install.rdf, In Quarantäne, [f7596c7cb7d34de99b87b74fba4905fb], 
PUP.Optional.Conduit.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\engine@conduit.com\lib\xpcom.js, In Quarantäne, [f7596c7cb7d34de99b87b74fba4905fb], 
PUP.Optional.Conduit.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\engine@conduit.com\META-INF\manifest.mf, In Quarantäne, [f7596c7cb7d34de99b87b74fba4905fb], 
PUP.Optional.Conduit.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\engine@conduit.com\META-INF\zigbert.rsa, In Quarantäne, [f7596c7cb7d34de99b87b74fba4905fb], 
PUP.Optional.Conduit.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\engine@conduit.com\META-INF\zigbert.sf, In Quarantäne, [f7596c7cb7d34de99b87b74fba4905fb], 
PUP.Optional.Conduit.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\engine@conduit.com\searchplugin\conduit.gif, In Quarantäne, [f7596c7cb7d34de99b87b74fba4905fb], 
PUP.Optional.Conduit.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\engine@conduit.com\searchplugin\conduit.ico, In Quarantäne, [f7596c7cb7d34de99b87b74fba4905fb], 
PUP.Optional.Conduit.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\engine@conduit.com\searchplugin\conduit.PNG, In Quarantäne, [f7596c7cb7d34de99b87b74fba4905fb], 
PUP.Optional.Conduit.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\engine@conduit.com\searchplugin\conduit.src, In Quarantäne, [f7596c7cb7d34de99b87b74fba4905fb], 
PUP.Optional.Conduit.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\engine@conduit.com\searchplugin\conduit.xml, In Quarantäne, [f7596c7cb7d34de99b87b74fba4905fb], 
PUP.Optional.ConduitTB.Gen, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\conduit\alertDB.sqlite, In Quarantäne, [c0909a4e2d5d0f27522df813c93a2ed2], 
PUP.Optional.ConduitTB.Gen, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\conduit\alert\servicesMap.json, In Quarantäne, [c0909a4e2d5d0f27522df813c93a2ed2], 
PUP.Optional.ConduitTB.Gen, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\conduit\alert\Dialogs\DialogsAPI.js, In Quarantäne, [c0909a4e2d5d0f27522df813c93a2ed2], 
PUP.Optional.ConduitTB.Gen, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\conduit\alert\Dialogs\PIE.htc, In Quarantäne, [c0909a4e2d5d0f27522df813c93a2ed2], 
PUP.Optional.ConduitTB.Gen, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\conduit\alert\Dialogs\settings.js, In Quarantäne, [c0909a4e2d5d0f27522df813c93a2ed2], 
PUP.Optional.ConduitTB.Gen, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\conduit\alert\Dialogs\version.txt, In Quarantäne, [c0909a4e2d5d0f27522df813c93a2ed2], 
PUP.Optional.ConduitTB.Gen, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\conduit\alert\Dialogs\AppNotificationDialog\alertapi.js, In Quarantäne, [c0909a4e2d5d0f27522df813c93a2ed2], 
PUP.Optional.ConduitTB.Gen, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\conduit\alert\Dialogs\AppNotificationDialog\AppNotification.js, In Quarantäne, [c0909a4e2d5d0f27522df813c93a2ed2], 
PUP.Optional.ConduitTB.Gen, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\conduit\alert\Dialogs\AppNotificationDialog\initialNotification.html, In Quarantäne, [c0909a4e2d5d0f27522df813c93a2ed2], 
PUP.Optional.ConduitTB.Gen, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\conduit\alert\Dialogs\AppNotificationDialog\main.html, In Quarantäne, [c0909a4e2d5d0f27522df813c93a2ed2], 
PUP.Optional.ConduitTB.Gen, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\conduit\alert\Dialogs\AppNotificationDialog\NotificationDialogStyle.css, In Quarantäne, [c0909a4e2d5d0f27522df813c93a2ed2], 
PUP.Optional.ConduitTB.Gen, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\conduit\alert\Dialogs\AppNotificationDialog\NotificationDialogStyleIE9.css, In Quarantäne, [c0909a4e2d5d0f27522df813c93a2ed2], 
PUP.Optional.ConduitTB.Gen, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\conduit\alert\Dialogs\AppNotificationDialog\sampleNotification.html, In Quarantäne, [c0909a4e2d5d0f27522df813c93a2ed2], 
PUP.Optional.ConduitTB.Gen, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\conduit\alert\Dialogs\AppNotificationDialog\Images\arrow-left.png, In Quarantäne, [c0909a4e2d5d0f27522df813c93a2ed2], 
PUP.Optional.ConduitTB.Gen, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\conduit\alert\Dialogs\AppNotificationDialog\Images\arrow-right.png, In Quarantäne, [c0909a4e2d5d0f27522df813c93a2ed2], 
PUP.Optional.ConduitTB.Gen, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\conduit\alert\Dialogs\AppNotificationDialog\Images\close.png, In Quarantäne, [c0909a4e2d5d0f27522df813c93a2ed2], 
PUP.Optional.ConduitTB.Gen, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\conduit\alert\Dialogs\AppNotificationDialog\Images\like.png, In Quarantäne, [c0909a4e2d5d0f27522df813c93a2ed2], 
PUP.Optional.ConduitTB.Gen, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\conduit\alert\Dialogs\AppNotificationDialog\Images\powered-by.png, In Quarantäne, [c0909a4e2d5d0f27522df813c93a2ed2], 
PUP.Optional.ConduitTB.Gen, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\conduit\alert\Dialogs\AppNotificationDialog\Images\settings.png, In Quarantäne, [c0909a4e2d5d0f27522df813c93a2ed2], 
PUP.Optional.ConduitTB.Gen, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\conduit\alert\Dialogs\AppNotificationDialog\Images\Thumbs.db, In Quarantäne, [c0909a4e2d5d0f27522df813c93a2ed2], 
PUP.Optional.ConduitTB.Gen, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\conduit\cachedIcons\http___storage_conduit_com_BankImages_RadioSkins_StarFleet_equalizer_dead.gif, In Quarantäne, [c0909a4e2d5d0f27522df813c93a2ed2], 
PUP.Optional.ConduitTB.Gen, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\conduit\cachedIcons\http___storage_conduit_com_BankImages_RadioSkins_StarFleet_minimize.gif, In Quarantäne, [c0909a4e2d5d0f27522df813c93a2ed2], 
PUP.Optional.ConduitTB.Gen, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\conduit\cachedIcons\http___storage_conduit_com_BankImages_RadioSkins_StarFleet_play.gif, In Quarantäne, [c0909a4e2d5d0f27522df813c93a2ed2], 
PUP.Optional.ConduitTB.Gen, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\conduit\cachedIcons\http___storage_conduit_com_BankImages_RadioSkins_StarFleet_stop.gif, In Quarantäne, [c0909a4e2d5d0f27522df813c93a2ed2], 
PUP.Optional.ConduitTB.Gen, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\conduit\cachedIcons\http___storage_conduit_com_BankImages_RadioSkins_StarFleet_vol.gif, In Quarantäne, [c0909a4e2d5d0f27522df813c93a2ed2], 
PUP.Optional.ConduitTB.Gen, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\conduit\facebook\menu-en.xml, In Quarantäne, [c0909a4e2d5d0f27522df813c93a2ed2], 
PUP.Optional.ConduitTB.Gen, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\conduit\facebook\settings.xml, In Quarantäne, [c0909a4e2d5d0f27522df813c93a2ed2], 
PUP.Optional.Conduit.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2856453&SearchSource=3&q={searchTerms}");), Ersetzt,[391714d4f595a096f0a5403c75909769]
PUP.Optional.Conduit.A, C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\prefs.js, Gut: (), Schlecht: (user_pref("CT2856453.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2856453&q=");), Ersetzt,[5df3d810cebc3ff79afcfd7f1bea7a86]

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)

J3T · 31.07.2015, 15:47

ADW:

Code:

ATTFilter

# AdwCleaner v4.208 - Bericht erstellt 31/07/2015 um 16:00:50
# Aktualisiert 09/07/2015 von Xplode
# Datenbank : 2015-07-26.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Jonas - JONAS-PC
# Gestarted von : C:\Users\Jonas\Downloads\AdwCleaner_4.208.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\Optimizer Pro
Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gelöscht : C:\Users\Jonas\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Jonas\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Jonas\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Jonas\AppData\Roaming\DesktopIconForAmazon
Ordner Gelöscht : C:\Users\Jonas\AppData\Roaming\dvdvideosoftiehelpers
Datei Gelöscht : C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\Extensions\firejump@firejump.net.xpi
Datei Gelöscht : C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\Extensions\fbdislike@doweb.fr.xpi
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\foxydeal.sqlite
Datei Gelöscht : C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\invalidprefs.js
Datei Gelöscht : C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\searchplugins\11-suche.xml
Datei Gelöscht : C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\user.js

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SDP
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E601996F-E400-41CA-804B-CD6373A7EEE2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E601996F-E400-41CA-804B-CD6373A7EEE2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AC129BF9-68BF-4BC4-A1DC-ECB62712FF99}
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D85FFE92-BF14-4E9B-BCCD-E5C16069E65F}_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DesktopIconAmazon
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17909


-\\ Mozilla Firefox v36.0.1 (x86 de)

[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CT2504091.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CT2504091.embeddedsData", "[{\"appId\":\"129079840422026594\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CT2504091.installId", "ConduitNSISIntegration");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CT2504091.installType", "ConduitNSISIntegration");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CT2504091.isPerformedSmartBarTransition", "true");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CT2504091.smartbar.CTID", "CT2504091");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CT2504091.smartbar.Uninstall", "0");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CT2504091.smartbar.toolbarName", "Vuze Remote ");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CT2856453..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CT2856453..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CT2856453.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CT2856453.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CT2856453.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CT2856453.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CT2856453.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CT2856453.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CT2856453.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1248477/1244150/DE", "\"0\"");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/DE", "\"0\"");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2856453", "\"0\"");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "L+tncv4eqt6Qm5T3dzChdA==");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "0uSPYx+Kl2jpu8sJZMeHjw==");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "QmycQXJXVyFVAzIiNllWhQ==");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "K4Vqu91uAzWURlxJRdXJOg==");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"01ffa8b1cc6cb1:0\"");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.0.19", "\"8039ce950b0cb1:0\"");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.0.19", "\"8039ce950b0cb1:0\"");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2856453", "\"634289840782570000\"");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "634303635100000000");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2856453/CT2856453", "\"1294673289\"");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/equalizer_dead.gif", "\"09586ee4e19c81:0\"");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/minimize.gif", "\"09586ee4e19c81:0\"");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/play.gif", "\"09586ee4e19c81:0\"");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/stop.gif", "\"09586ee4e19c81:0\"");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/vol.gif", "\"09586ee4e19c81:0\"");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634292354593700000\"");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.EngineOwner", "CT2856453");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.EngineOwnerGuid", "{3bd53dec-24d7-4f9e-b27c-925559b8d27d}");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.EngineOwnerToolbarId", "translatorbar_1.1");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.IsEngineShown", false);
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2856453");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{3bd53dec-24d7-4f9e-b27c-925559b8d27d}");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "translatorbar_1.1");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://de.search.yahoo.com/search?fr=mcafee&p=");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ToolbarsList", "ConduitEngine,CT2856453");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ToolbarsList2", "CT2856453");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Wed Mar 30 2011 16:25:19 GMT+0200");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.alert.alertEnabled", true);
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Fri Jun 24 2011 20:49:55 GMT+0200");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.alert.locale", "en");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Fri Jun 24 2011 20:49:46 GMT+0200");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.alert.showTrayIcon", false);
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.alert.userId", "b8abdc8b-403c-4f54-a2be-089945c9a19c");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sat Jan 15 2011 10:16:11 GMT+0100");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.globalUserId", "648a5b30-682b-4c4d-b919-47f877de849a");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2856453");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Wed Jun 15 2011 15:07:17 GMT+0200");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Sat Jan 15 2011 10:16:11 GMT+0100");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.FirstServerDate", "01/15/2011 12");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.FirstTime", true);
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.FirstTimeFF3", true);
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.HasUserGlobalKeys", true);
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.HideEngineAfterRestart", true);
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.Initialize", true);
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.InitializeCommonPrefs", true);
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.InstalledDate", "Sat Jan 15 2011 10:16:11 GMT+0100");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.IsMulticommunity", false);
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.IsOpenThankYouPage", false);
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.IsOpenUninstallPage", true);
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Sat Jan 15 2011 10:16:11 GMT+0100");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.LastLogin_3.3.0.19", "Sat Jan 15 2011 10:16:11 GMT+0100");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.PublisherContainerWidth", 0);
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.SettingsLastCheckTime", "Sat Jan 15 2011 10:16:10 GMT+0100");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.UserID", "UN31259172660520707");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.engineLocale", "de");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Sat Jan 15 2011 10:16:11 GMT+0100");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Sat Jan 15 2011 10:16:12 GMT+0100");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.initDone", true);
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.defaultthis.engineName", "TranslatorBar 1.1 Customized Web Search");
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.enabledItems", "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.5,{ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1,engine@conduit.com:3.3.0.19,{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.2[...]
[oqtfnwpw.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.xpiState", "{\"app-profile\":{\"engine@conduit.com\":{\"d\":\"C:\\\\Users\\\\Jonas\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\oqtfnwpw.default\\\\extensions\\\\en[...]

-\\ Google Chrome v44.0.2403.125

[C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091
[C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=086D5CAC4C6773D7&affID=119820&tt=040713_ctrl&tsp=4934

*************************

AdwCleaner[R0].txt - [17593 Bytes] - [31/07/2015 15:58:44]
AdwCleaner[S0].txt - [18069 Bytes] - [31/07/2015 16:00:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [18129  Bytes] ##########

JRT:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.4 (07.27.2015:1)
OS: Windows 7 Home Premium x64
Ran by Jonas on 31.07.2015 at 16:13:15,78
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks

Successfully deleted: [Task] C:\windows\system32\tasks\EasySpeedUpManager
Successfully deleted: [Task] C:\windows\system32\tasks\TuneUpUtilities_Task_BkGndMaintenance2011



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shell\TuneUp Undelete
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\TuneUp Shredder Shell Extension
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Directory\shellex\ContextMenuHandlers\TuneUp Disk Space Explorer Shell Extension
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Directory\shellex\ContextMenuHandlers\TuneUp Shredder Shell Extension
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BDFD2F3-C0B9-4087-8413-B32C6DE0EAFF}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer



~~~ Files

Successfully deleted: [File] C:\windows\SysWOW64\sho13DB.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho1500.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho1918.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho1F2A.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho2128.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho21B8.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho2524.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho26A0.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho2863.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho2A5.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho2BC6.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho3098.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho38D9.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho3966.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho3A20.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho3E79.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho3F1.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho3FAD.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho410A.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho435A.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho44B6.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho4BFA.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho4C0.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho4C82.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho4CA9.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho57A6.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho59EA.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho5B37.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho5B6B.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho5E11.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho5E54.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho5F05.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho652F.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho65D1.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho664A.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho67E0.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho6CC2.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho6DD0.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho6F1F.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho6F5D.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho77A3.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho7FCA.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho865B.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho86D2.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho8896.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho8BD3.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho9256.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho93EE.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho99BD.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho9A70.tmp
Successfully deleted: [File] C:\windows\SysWOW64\sho9B62.tmp
Successfully deleted: [File] C:\windows\SysWOW64\shoA079.tmp
Successfully deleted: [File] C:\windows\SysWOW64\shoA5B9.tmp
Successfully deleted: [File] C:\windows\SysWOW64\shoA61.tmp
Successfully deleted: [File] C:\windows\SysWOW64\shoA818.tmp
Successfully deleted: [File] C:\windows\SysWOW64\shoAAB5.tmp
Successfully deleted: [File] C:\windows\SysWOW64\shoAC4F.tmp
Successfully deleted: [File] C:\windows\SysWOW64\shoAFD7.tmp
Successfully deleted: [File] C:\windows\SysWOW64\shoB437.tmp
Successfully deleted: [File] C:\windows\SysWOW64\shoBCCE.tmp
Successfully deleted: [File] C:\windows\SysWOW64\shoBFCF.tmp
Successfully deleted: [File] C:\windows\SysWOW64\shoBFD7.tmp
Successfully deleted: [File] C:\windows\SysWOW64\shoC001.tmp
Successfully deleted: [File] C:\windows\SysWOW64\shoC68E.tmp
Successfully deleted: [File] C:\windows\SysWOW64\shoCADD.tmp
Successfully deleted: [File] C:\windows\SysWOW64\shoCB19.tmp
Successfully deleted: [File] C:\windows\SysWOW64\shoCD7A.tmp
Successfully deleted: [File] C:\windows\SysWOW64\shoCE85.tmp
Successfully deleted: [File] C:\windows\SysWOW64\shoCEA7.tmp
Successfully deleted: [File] C:\windows\SysWOW64\shoCFC8.tmp
Successfully deleted: [File] C:\windows\SysWOW64\shoD0A1.tmp
Successfully deleted: [File] C:\windows\SysWOW64\shoD536.tmp
Successfully deleted: [File] C:\windows\SysWOW64\shoD8F1.tmp
Successfully deleted: [File] C:\windows\SysWOW64\shoDCEE.tmp
Successfully deleted: [File] C:\windows\SysWOW64\shoE74E.tmp
Successfully deleted: [File] C:\windows\SysWOW64\shoE76F.tmp
Successfully deleted: [File] C:\windows\SysWOW64\shoE87D.tmp
Successfully deleted: [File] C:\windows\SysWOW64\shoF054.tmp
Successfully deleted: [File] C:\windows\SysWOW64\shoF09C.tmp
Successfully deleted: [File] C:\windows\SysWOW64\shoF3CF.tmp
Successfully deleted: [File] C:\windows\SysWOW64\shoF5CB.tmp
Successfully deleted: [File] C:\windows\SysWOW64\shoFC0F.tmp



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Jonas\Appdata\Local\{03F82784-3423-4261-80DF-1CED998F6FB6}
Successfully deleted: [Empty Folder] C:\Users\Jonas\Appdata\Local\{09AC073D-61C2-4290-B388-4B56338EE957}
Successfully deleted: [Empty Folder] C:\Users\Jonas\Appdata\Local\{1E9D1D08-4153-4288-8012-CD43A91060D2}
Successfully deleted: [Empty Folder] C:\Users\Jonas\Appdata\Local\{204F1466-AEDE-43C6-8E98-F23BA69F95EB}
Successfully deleted: [Empty Folder] C:\Users\Jonas\Appdata\Local\{2DE7A62D-57B2-4F3B-A697-91D6659BC98B}
Successfully deleted: [Empty Folder] C:\Users\Jonas\Appdata\Local\{3B7366BE-00B7-4F09-B0FF-6A8FFF1742A8}
Successfully deleted: [Empty Folder] C:\Users\Jonas\Appdata\Local\{6D4D08D4-F18C-4A1C-A68B-FF2B4420C501}
Successfully deleted: [Empty Folder] C:\Users\Jonas\Appdata\Local\{73CC3C8E-51E5-467C-95A2-C6A478059E77}
Successfully deleted: [Empty Folder] C:\Users\Jonas\Appdata\Local\{9126676B-1210-429C-885D-69081EDC279B}
Successfully deleted: [Empty Folder] C:\Users\Jonas\Appdata\Local\{B7501DC1-A371-4CD4-8450-F2B39392C879}
Successfully deleted: [Empty Folder] C:\Users\Jonas\Appdata\Local\{CB64493E-83B2-4468-BAB1-8F5802AB6FFB}
Successfully deleted: [Empty Folder] C:\Users\Jonas\Appdata\Local\{DA81AF2A-4C12-44DC-8328-FA7381FDD21B}
Successfully deleted: [Empty Folder] C:\Users\Jonas\Appdata\Local\{E236DF5D-EAA9-407D-9C80-05524646E5F9}
Successfully deleted: [Empty Folder] C:\Users\Jonas\Appdata\Local\{E61753CE-E620-48AE-B134-E312889CDF25}
Successfully deleted: [Empty Folder] C:\Users\Jonas\Appdata\Local\{EE277149-6BEF-475E-BBEB-5ED213EB9A40}
Successfully deleted: [Folder] C:\ProgramData\google
Successfully deleted: [Folder] C:\Users\Jonas\Appdata\Local\crashrpt



~~~ FireFox

Successfully deleted: [File] C:\Users\Jonas\AppData\Roaming\mozilla\firefox\profiles\oqtfnwpw.default\extensions\{b64d9b05-48e1-4ceb-bf58-e0643994e900}.xpi
Successfully deleted: [File] C:\Users\Jonas\AppData\Roaming\mozilla\firefox\profiles\oqtfnwpw.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
Successfully deleted: [Folder] C:\Users\Jonas\AppData\Roaming\mozilla\firefox\profiles\oqtfnwpw.default\smartbar
Successfully deleted the following from C:\Users\Jonas\AppData\Roaming\mozilla\firefox\profiles\oqtfnwpw.default\prefs.js

user_pref(CT2504091.ENABALE_HISTORY, {\dataType\:\string\,\data\:\true\});
user_pref(CT2504091.FirstTime, true);
user_pref(CT2504091.FirstTimeFF3, true);
user_pref(CT2504091.UserID, UN80714825795931411);
user_pref(CT2504091.addressBarTakeOverEnabledInHidden, true);
user_pref(CT2504091.autoDisableScopes, -1);
user_pref(CT2504091.defaultSearch, false);
user_pref(CT2504091.enableAlerts, false);
user_pref(CT2504091.enableSearchFromAddressBar, true);
user_pref(CT2504091.firstTimeDialogOpened, true);
user_pref(CT2504091.fixPageNotFoundError, true);
user_pref(CT2504091.fixPageNotFoundErrorInHidden, true);
user_pref(CT2504091.fixUrls, true);
user_pref(CT2504091.isEnableAllDialogs, {\dataType\:\string\,\data\:\true\});
user_pref(CT2504091.isNewTabEnabled, true);
user_pref(CT2504091.isToolbarShrinked, {\dataType\:\string\,\data\:\false\});
user_pref(CT2504091.navigationAliasesJson, {\EB_SEARCH_TERM\:\\,\EB_MAIN_FRAME_URL\:\about%3Aaddons\,\EB_MAIN_FRAME_TITLE\:\\,\EB_TOOLBAR_SUB_DOMAIN\:\hxxp:/
user_pref(CT2504091.openThankYouPage, false);
user_pref(CT2504091.openUninstallPage, false);
user_pref(CT2504091.search.searchAppId, 129079840422026594);
user_pref(CT2504091.search.searchCount, 0);
user_pref(CT2504091.searchInNewTabEnabledInHidden, true);
user_pref(CT2504091.searchProtector.notifyChanges, {\dataType\:\string\,\data\:\true\});
user_pref(CT2504091.selectToSearchBoxEnabled, {\dataType\:\string\,\data\:\true\});
user_pref(CT2504091.serviceLayer_service_login_isFirstLoginInvoked, {\dataType\:\boolean\,\data\:\true\});
user_pref(CT2504091.serviceLayer_service_login_loginCount, {\dataType\:\number\,\data\:\2\});
user_pref(CT2504091.serviceLayer_service_toolbarGrouping_activeCTID, {\dataType\:\string\,\data\:\CT2504091\});
user_pref(CT2504091.serviceLayer_service_toolbarGrouping_activeDownloadUrl, {\dataType\:\string\,\data\:\hxxp://VuzeRemote.OurToolbar.com//xpi\});
user_pref(CT2504091.serviceLayer_service_toolbarGrouping_activeToolbarName, {\dataType\:\string\,\data\:\Vuze Remote\});
user_pref(CT2504091.serviceLayer_service_toolbarGrouping_invoked, {\dataType\:\string\,\data\:\true\});
user_pref(CT2504091.serviceLayer_service_usage_toolbarUsageCount, {\dataType\:\number\,\data\:\2\});
user_pref(CT2504091.serviceLayer_services_appTrackingFirstTime_lastUpdate, 1341667108221);
user_pref(CT2504091.serviceLayer_services_appTracking_lastUpdate, 1341667109713);
user_pref(CT2504091.serviceLayer_services_appsMetadata_lastUpdate, 1341667108161);
user_pref(CT2504091.serviceLayer_services_gottenAppsContextMenu_lastUpdate, 1341667109014);
user_pref(CT2504091.serviceLayer_services_login_10.10.12.5_lastUpdate, 1341667109335);
user_pref(CT2504091.serviceLayer_services_optimizer_lastUpdate, 1341667108786);
user_pref(CT2504091.serviceLayer_services_otherAppsContextMenu_lastUpdate, 1341667108978);
user_pref(CT2504091.serviceLayer_services_searchAPI_lastUpdate, 1341667107640);
user_pref(CT2504091.serviceLayer_services_serviceMap_lastUpdate, 1341667107002);
user_pref(CT2504091.serviceLayer_services_toolbarContextMenu_lastUpdate, 1341667108741);
user_pref(CT2504091.serviceLayer_services_toolbarSettings_lastUpdate, 1341667107364);
user_pref(CT2504091.serviceLayer_services_translation_lastUpdate, 1341667108231);
user_pref(CT2504091.settingsINI, true);
user_pref(CT2504091.shouldFirstTimeDialog, false);
user_pref(CT2504091.startPage, false);
user_pref(CT2504091.toolbarBornServerTime, 7-7-2012);
user_pref(CT2504091.toolbarCurrentServerTime, 7-7-2012);
user_pref(CT2504091.toolbarDisabled, true);
user_pref(CT2856453..clientLogIsEnabled, false);
user_pref(CT2856453.AppTrackingLastCheckTime, Sat Jan 15 2011 10:16:33 GMT+0100);
user_pref(CT2856453.CT2856453, CT2856453);
user_pref(CT2856453.CurrentServerDate, 15-1-2011);
user_pref(CT2856453.DialogsAlignMode, LTR);
user_pref(CT2856453.DialogsGetterLastCheckTime, Sat Jan 15 2011 10:16:11 GMT+0100);
user_pref(CT2856453.DownloadReferralCookieData, );
user_pref(CT2856453.EMailNotifierPollDate, Sat Jan 15 2011 10:16:25 GMT+0100);
user_pref(CT2856453.ExternalComponentPollDate129355835169287734, Sat Jan 15 2011 10:16:11 GMT+0100);
user_pref(CT2856453.FirstServerDate, 15-1-2011);
user_pref(CT2856453.FirstTime, true);
user_pref(CT2856453.FirstTimeFF3, true);
user_pref(CT2856453.FixPageNotFoundErrors, false);
user_pref(CT2856453.GroupingServerCheckInterval, 1440);
user_pref(CT2856453.HasUserGlobalKeys, true);
user_pref(CT2856453.Initialize, true);
user_pref(CT2856453.InitializeCommonPrefs, true);
user_pref(CT2856453.InstallationAndCookieDataSentCount, 1);
user_pref(CT2856453.InstalledDate, Sat Jan 15 2011 10:16:11 GMT+0100);
user_pref(CT2856453.InvalidateCache, false);
user_pref(CT2856453.IsGrouping, false);
user_pref(CT2856453.IsMulticommunity, false);
user_pref(CT2856453.IsOpenThankYouPage, true);
user_pref(CT2856453.IsOpenUninstallPage, true);
user_pref(CT2856453.LanguagePackLastCheckTime, Sat Jan 15 2011 10:16:11 GMT+0100);
user_pref(CT2856453.LanguagePackReloadIntervalMM, 1440);
user_pref(CT2856453.LastLogin_3.3.0.19, Sat Jan 15 2011 10:16:11 GMT+0100);
user_pref(CT2856453.LatestVersion, 3.2.5.2);
user_pref(CT2856453.Locale, en);
user_pref(CT2856453.MCDetectTooltipHeight, 83);
user_pref(CT2856453.MCDetectTooltipUrl, hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1);
user_pref(CT2856453.MCDetectTooltipWidth, 295);
user_pref(CT2856453.RadioIsPodcast, false);
user_pref(CT2856453.RadioLastCheckTime, Sat Jan 15 2011 10:16:11 GMT+0100);
user_pref(CT2856453.RadioLastUpdateIPServer, 3);
user_pref(CT2856453.RadioLastUpdateServer, 3);
user_pref(CT2856453.RadioMediaID, 9962);
user_pref(CT2856453.RadioMediaType, Media Player);
user_pref(CT2856453.RadioMenuSelectedID, EBRadioMenu_CT28564539962);
user_pref(CT2856453.RadioStationName, California%20Rock);
user_pref(CT2856453.RadioStationURL, hxxp://feedlive.net/california.asx);
user_pref(CT2856453.SavedHomepage, hxxp://web.de/);
user_pref(CT2856453.SearchFromAddressBarIsInit, true);
user_pref(CT2856453.SearchInNewTabEnabled, true);
user_pref(CT2856453.SearchInNewTabIntervalMM, 1440);
user_pref(CT2856453.SearchInNewTabLastCheckTime, Sat Jan 15 2011 10:16:11 GMT+0100);
user_pref(CT2856453.ServiceMapLastCheckTime, Sat Jan 15 2011 10:16:10 GMT+0100);
user_pref(CT2856453.SettingsLastCheckTime, Sat Jan 15 2011 10:16:10 GMT+0100);
user_pref(CT2856453.SettingsLastUpdate, 1294673289);
user_pref(CT2856453.ThirdPartyComponentsInterval, 504);
user_pref(CT2856453.ThirdPartyComponentsLastCheck, Sat Jan 15 2011 10:16:10 GMT+0100);
user_pref(CT2856453.ThirdPartyComponentsLastUpdate, 1246790578);
user_pref(CT2856453.TrusteLinkUrl, hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=101&sealid=112);
user_pref(CT2856453.UserID, UN87308120577310223);
user_pref(CT2856453.ValidationData_Toolbar, 0);
user_pref(CT2856453.WeatherNetwork, );
user_pref(CT2856453.WeatherPollDate, Sat Jan 15 2011 10:16:12 GMT+0100);
user_pref(CT2856453.WeatherUnit, C);
user_pref(CT2856453.alertChannelId, 1248477);
user_pref(CT2856453.approveUntrustedApps, true);
user_pref(CT2856453.components.1000034, true);
user_pref(CT2856453.globalFirstTimeInfoLastCheckTime, Sat Jan 15 2011 10:16:11 GMT+0100);
user_pref(CT2856453.isAppTrackingManagerOn, true);
user_pref(CT2856453.myStuffEnabled, true);
user_pref(CT2856453.myStuffPublihserMinWidth, 400);
user_pref(CT2856453.myStuffServiceIntervalMM, 1440);
user_pref(CT2856453.testingCtid, );
user_pref(CT2856453.toolbarAppMetaDataLastCheckTime, Sat Jan 15 2011 10:16:11 GMT+0100);
user_pref(CT2856453.toolbarContextMenuLastCheckTime, Sat Jan 15 2011 10:16:11 GMT+0100);
user_pref(CT2856453.usagesFlag, 2);
user_pref(extensions.delta.admin, false);
user_pref(extensions.delta.aflt, babsst);
user_pref(extensions.delta.appId, {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3});
user_pref(extensions.delta.autoRvrt, false);
user_pref(extensions.delta.dfltLng, de);
user_pref(extensions.delta.excTlbr, false);
user_pref(extensions.delta.ffxUnstlRst, true);
user_pref(extensions.delta.id, 086d89640000000000005cac4c6773d7);
user_pref(extensions.delta.instlDay, 15891);
user_pref(extensions.delta.instlRef, sst);
user_pref(extensions.delta.newTab, false);
user_pref(extensions.delta.prdct, delta);
user_pref(extensions.delta.prtnrId, delta);
user_pref(extensions.delta.rvrt, false);
user_pref(extensions.delta.smplGrp, none);
user_pref(extensions.delta.tlbrId, base);
user_pref(extensions.delta.tlbrSrchUrl, );
user_pref(extensions.delta.vrsn, 1.8.21.5);
user_pref(extensions.delta.vrsnTs, 1.8.21.515:41:56);
user_pref(extensions.delta.vrsni, 1.8.21.5);
user_pref(extensions.delta_i.babExt, );
user_pref(extensions.delta_i.babTrack, affID=119820&tt=040713_ctrl&tsp=4934);
user_pref(extensions.delta_i.srcExt, ss);
Emptied folder: C:\Users\Jonas\AppData\Roaming\mozilla\firefox\profiles\oqtfnwpw.default\minidumps [83 files]



~~~ Chrome


[C:\Users\Jonas\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Jonas\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Jonas\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Jonas\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 31.07.2015 at 16:26:02,98
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

und ein neues FRST:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:30-07-2015
durchgeführt von Jonas (Administrator) auf JONAS-PC (31-07-2015 16:30:03)
Gestartet von C:\Users\Jonas\Desktop
Geladene Profile: Jonas (Verfügbare Profile: Jonas & Julia & DefaultAppPool)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avpui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2074408 2010-02-26] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-29] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe [210216 2010-01-11] (CyberLink Corp.)
HKLM-x32\...\Run: [NortonOnlineBackup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1112920 2010-03-05] (Symantec Corporation)
HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [58656 2011-04-20] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-04-03] (DivX, LLC)
HKU\S-1-5-21-2917951037-2729683539-371938882-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-2917951037-2729683539-371938882-1001\...\Run: [Amazon Music] => C:\Users\Jonas\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] ()
HKU\S-1-5-21-2917951037-2729683539-371938882-1001\...\Run: [icq] => C:\Users\Jonas\AppData\Roaming\ICQM\icq.exe [36705800 2015-01-23] (ICQ)
HKU\S-1-5-21-2917951037-2729683539-371938882-1001\...\Run: [Spotify Web Helper] => C:\Users\Jonas\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017848 2015-07-24] (Spotify Ltd)
HKU\S-1-5-21-2917951037-2729683539-371938882-1001\...\Run: [Spotify] => C:\Users\Jonas\AppData\Roaming\Spotify\Spotify.exe [7574584 2015-07-24] (Spotify Ltd)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2014-12-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2014-12-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2014-12-19] (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2917951037-2729683539-371938882-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2917951037-2729683539-371938882-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2917951037-2729683539-371938882-1001 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN_deDE411
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2014-12-19] (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2014-12-19] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2014-12-19] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2014-12-19] (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-09-26] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)
BHO-x32: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL [2014-12-19] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2014-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-09-26] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-2917951037-2729683539-371938882-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2014-12-18] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2014-12-19] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{85756C3D-F775-4D58-BAB3-ED1219199D92}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{D2C2A8AD-0813-4195-8EBC-EF4AAE2F45FA}: [NameServer] 8.8.4.4,8.8.8.8
Tcpip\..\Interfaces\{D8FE0184-4F0C-4D1C-83FA-2A727FA7F4EF}: [DhcpNameServer] 192.168.42.129

FireFox:
========
FF ProfilePath: C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default
FF Homepage: google.de|hxxp://www.giga.de/androidnews/
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-14] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-12-18] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-04-18] (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-09-26] (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-04-19] ()
FF Plugin-x32: @kaspersky.com/online_banking_08806E753BE44495B44E90AA2513BDC5 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-04-19] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-04-19] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-12-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2014-12-19] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-06-28] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2917951037-2729683539-371938882-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jonas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-08-27] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-07-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-07-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-07-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-07-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-07-05] (Apple Inc.)
FF SearchPlugin: C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\searchplugins\englische-ergebnisse.xml [2012-02-08]
FF SearchPlugin: C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\searchplugins\gmx-suche.xml [2012-02-08]
FF SearchPlugin: C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\searchplugins\kikin-search.xml [2011-01-28]
FF SearchPlugin: C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\searchplugins\lastminute.xml [2012-02-08]
FF SearchPlugin: C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\searchplugins\webde-suche.xml [2012-02-08]
FF Extension: ProxTube - C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\Extensions\ich@maltegoetz.de.xpi [2015-03-18]
FF Extension: Stylish - C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2011-08-09]
FF Extension: Adblock Plus - C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-03-30]
FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2012-12-12]
FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2012-12-12]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-12-12]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_663BE84DBCC949E88C7600F63CA7F098@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-04-19]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_07402848C2F6470194F131B0F3DE025E@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-04-19]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_08806E753BE44495B44E90AA2513BDC5@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-04-19]
FF Extension: Kein Name - C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [nicht gefunden]

Chrome: 
=======
CHR Profile: C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-02-11]
CHR Extension: (YouTube) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-11]
CHR Extension: (Facebook) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2014-02-11]
CHR Extension: (Black & white theme) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmohofkmppcgglcmlccpbokkkefigipi [2015-04-02]
CHR Extension: (AdBlock) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-02-11]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-11]
CHR Extension: (ProxPrice) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nopgehbobniifpngnhmljfojnkkopbje [2014-05-16]
CHR Extension: (My Chrome Theme) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2014-02-11]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 AVP15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe [194000 2015-06-23] (Kaspersky Lab ZAO)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2015-01-02] ()
S3 BFE; . [0 2015-07-31] () <==== ACHTUNG (Null Byte Datei/Ordner)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-03] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [Datei ist nicht signiert]
S2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
S2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22768 2014-04-17] (Microsoft Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 MpsSvc; . [0 2015-07-31] () <==== ACHTUNG (Null Byte Datei/Ordner)
S2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2782552 2010-03-05] (Symantec Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [Datei ist nicht signiert]
S2 Rezip; C:\windows\SysWOW64\Rezip.exe [311296 2009-03-05] () [Datei ist nicht signiert]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [Datei ist nicht signiert]
S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2028864 2011-12-13] (TuneUp Software)
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87736 2014-04-30] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [247016 2015-06-23] (Kaspersky Lab UK Ltd)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-07-06] (DT Soft Ltd)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-24] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [64368 2015-06-24] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [159960 2015-06-23] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [225976 2015-07-03] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [850608 2015-06-23] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39280 2015-06-24] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [40304 2015-06-23] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [39280 2015-06-23] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [24944 2015-06-24] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-24] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [85360 2015-06-24] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [190648 2015-06-24] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 PVUSB; C:\Windows\System32\DRIVERS\CESG64.sys [63808 2007-02-19] (CASIO COMPUTER CO.,LTD.)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2010-08-11] (Windows (R) 2003 DDK 3790 provider)
R3 TotRec8; C:\windows\system32\drivers\TotRec8.sys [122960 2011-07-08] (High Criteria inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [11856 2010-11-29] (TuneUp Software)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [Datei ist nicht signiert]
S3 utmyntm5; C:\windows\SysWOW64\Drivers\utmyntm5.sys [7168 2015-04-24] () [Datei ist nicht signiert]
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys [X]
U4 wlcrasvc; "C:\Program Files\Windows Live\Mesh\wlcrasvc.exe"
S3 X6va010; \??\C:\windows\SysWOW64\Drivers\X6va010 [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-07-31 16:29 - 2015-07-31 16:29 - 02168832 _____ (Farbar) C:\Users\Jonas\Desktop\FRST64.exe
2015-07-31 16:29 - 2015-07-31 16:29 - 00000000 ____D C:\Users\Jonas\Desktop\FRST-OlderVersion
2015-07-31 16:26 - 2015-07-31 16:26 - 00018556 _____ C:\Users\Jonas\Desktop\JRT.txt
2015-07-31 16:11 - 2015-07-31 16:11 - 01798176 _____ (Malwarebytes Corporation) C:\Users\Jonas\Desktop\JRT.exe
2015-07-31 15:58 - 2015-07-31 16:00 - 00000000 ____D C:\AdwCleaner
2015-07-31 15:57 - 2015-07-31 15:57 - 02248704 _____ C:\Users\Jonas\Downloads\AdwCleaner_4.208.exe
2015-07-31 15:56 - 2015-07-31 15:56 - 00154085 _____ C:\Users\Jonas\Desktop\mbam.txt
2015-07-31 14:14 - 2015-07-31 14:16 - 00001102 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-07-31 14:14 - 2015-07-31 14:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-07-31 14:14 - 2015-07-31 14:16 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-07-31 14:14 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-07-31 14:14 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-07-31 14:13 - 2015-07-31 14:14 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Jonas\Downloads\mbam-setup-2.1.6.1022.exe
2015-07-30 12:56 - 2015-07-30 12:56 - 00045654 _____ C:\ComboFix.txt
2015-07-30 12:45 - 2015-07-31 16:01 - 00211420 _____ C:\windows\PFRO.log
2015-07-30 12:24 - 2015-07-30 12:57 - 00000000 ____D C:\Qoobox
2015-07-30 12:24 - 2015-07-30 12:54 - 00000000 ____D C:\windows\erdnt
2015-07-30 12:24 - 2011-06-26 08:45 - 00256000 _____ C:\windows\PEV.exe
2015-07-30 12:24 - 2010-11-07 19:20 - 00208896 _____ C:\windows\MBR.exe
2015-07-30 12:24 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2015-07-30 12:24 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2015-07-30 12:24 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2015-07-30 12:24 - 2000-08-31 02:00 - 00098816 _____ C:\windows\sed.exe
2015-07-30 12:24 - 2000-08-31 02:00 - 00080412 _____ C:\windows\grep.exe
2015-07-30 12:24 - 2000-08-31 02:00 - 00068096 _____ C:\windows\zip.exe
2015-07-30 12:22 - 2015-07-30 12:23 - 05633622 ____R (Swearware) C:\Users\Jonas\Desktop\ComboFix.exe
2015-07-30 00:17 - 2015-06-29 22:42 - 06783304 _____ (NVIDIA Corporation) C:\windows\system32\nvcpl.dll
2015-07-30 00:17 - 2015-06-29 22:42 - 03522192 _____ (NVIDIA Corporation) C:\windows\system32\nvsvc64.dll
2015-07-30 00:17 - 2015-06-29 22:42 - 02558792 _____ (NVIDIA Corporation) C:\windows\system32\nvsvcr.dll
2015-07-30 00:17 - 2015-06-29 22:42 - 00932040 _____ (NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
2015-07-30 00:17 - 2015-06-29 22:42 - 00385352 _____ (NVIDIA Corporation) C:\windows\system32\nvmctray.dll
2015-07-30 00:17 - 2015-06-29 22:42 - 00062792 _____ (NVIDIA Corporation) C:\windows\system32\nvshext.dll
2015-07-30 00:17 - 2015-06-29 13:02 - 04437364 _____ C:\windows\system32\nvcoproc.bin
2015-07-30 00:16 - 2015-06-30 00:53 - 00072904 _____ (Khronos Group) C:\windows\system32\OpenCL.dll
2015-07-30 00:16 - 2015-06-30 00:53 - 00060560 _____ (Khronos Group) C:\windows\SysWOW64\OpenCL.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 31514312 _____ (NVIDIA Corporation) C:\windows\system32\nvoglv64.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 24200336 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglv32.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 22992072 _____ (NVIDIA Corporation) C:\windows\system32\nvcompiler.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 18634264 _____ (NVIDIA Corporation) C:\windows\system32\nvwgf2umx.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 17559432 _____ (NVIDIA Corporation) C:\windows\system32\nvd3dumx.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 16128768 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvwgf2um.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 15294280 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcompiler.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 14497568 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvd3dum.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 13916600 _____ (NVIDIA Corporation) C:\windows\system32\nvopencl.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 13828032 _____ (NVIDIA Corporation) C:\windows\system32\nvcuda.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 12896400 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvlddmkm.sys
2015-07-30 00:14 - 2015-06-30 00:53 - 11272240 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvopencl.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 11209192 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuda.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 04245832 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvid.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 03986632 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvid.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 03209736 _____ (NVIDIA Corporation) C:\windows\system32\nvapi64.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 02823992 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvapi.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 01907400 _____ (NVIDIA Corporation) C:\windows\system32\nvdispco6434174.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 01557832 _____ (NVIDIA Corporation) C:\windows\system32\nvdispgenco6434174.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 00945480 _____ (NVIDIA Corporation) C:\windows\system32\NvIFR64.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 00907464 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFR.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 00903496 _____ (NVIDIA Corporation) C:\windows\system32\NvFBC64.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 00870032 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvFBC.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 00026155 _____ C:\windows\system32\nvinfo.pb
2015-07-29 16:00 - 2015-07-29 16:00 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Jonas\Downloads\tdsskiller (1).exe
2015-07-29 13:13 - 2015-07-31 15:52 - 00113880 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-29 13:13 - 2015-07-31 14:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-29 13:13 - 2015-07-29 15:57 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-07-29 13:09 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-07-29 13:08 - 2015-07-29 13:09 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Jonas\Downloads\mbar-1.09.1.1004.exe
2015-07-29 13:05 - 2015-07-29 13:06 - 13786977 _____ C:\Users\Jonas\Downloads\mbar-1.01.0.1021.zip
2015-07-29 12:55 - 2015-07-29 12:55 - 00001264 _____ C:\Users\Jonas\Desktop\Revo Uninstaller.lnk
2015-07-29 12:55 - 2015-07-29 12:55 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-07-29 12:51 - 2015-07-29 12:51 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Jonas\Downloads\revosetup95.exe
2015-07-29 01:22 - 2015-07-29 01:22 - 00121713 _____ C:\Users\Jonas\Documents\nichts.wma
2015-07-28 23:51 - 2015-07-28 23:51 - 00000000 ____D C:\Users\Julia\AppData\Roaming\LolClient
2015-07-28 23:50 - 2015-07-28 23:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2015-07-28 23:49 - 2015-07-28 23:50 - 00000000 ____D C:\Users\Julia\AppData\Roaming\Riot Games
2015-07-28 23:48 - 2015-07-28 23:48 - 30668968 _____ (Riot Games) C:\Users\Julia\Downloads\LeagueofLegends_EUW_Installer_9_15_2014.exe
2015-07-28 22:48 - 2015-07-28 22:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-28 22:47 - 2015-07-28 22:48 - 00000000 ____D C:\Program Files\iTunes
2015-07-28 22:47 - 2015-07-28 22:47 - 00000000 ____D C:\Program Files\iPod
2015-07-28 22:47 - 2015-07-28 22:47 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-07-28 18:47 - 2015-07-28 18:47 - 00132010 _____ C:\Users\Jonas\Desktop\KP_WS_2015_16_I.xlsx
2015-07-28 13:09 - 2015-07-25 20:07 - 00017856 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2015-07-28 13:09 - 2015-07-25 20:04 - 00765440 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-07-28 13:09 - 2015-07-25 20:04 - 00726528 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-07-28 13:09 - 2015-07-25 20:03 - 01085440 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-07-28 13:09 - 2015-07-25 20:03 - 00433664 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-07-28 13:09 - 2015-07-25 20:03 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-07-28 13:09 - 2015-07-25 20:03 - 00067584 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-07-28 13:09 - 2015-07-25 19:55 - 01145856 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-07-28 03:25 - 2015-07-28 03:25 - 00035412 _____ C:\Users\Jonas\Desktop\LOG FILES.zip
2015-07-28 03:25 - 2015-07-28 03:12 - 00116864 _____ C:\Users\Jonas\Desktop\Gmer - Kopie.txt
2015-07-28 03:25 - 2015-07-28 02:46 - 00066421 _____ C:\Users\Jonas\Desktop\Addition - Kopie.txt
2015-07-28 03:25 - 2015-07-28 02:46 - 00063593 _____ C:\Users\Jonas\Desktop\FRST - Kopie.txt
2015-07-28 03:12 - 2015-07-28 03:12 - 00116864 _____ C:\Users\Jonas\Desktop\Gmer.txt
2015-07-28 02:53 - 2015-07-28 02:53 - 00000616 _____ C:\Users\Jonas\Desktop\wsetdrft.txt
2015-07-28 02:50 - 2015-07-28 02:50 - 00380416 _____ C:\Users\Jonas\Downloads\Gmer-19357.exe
2015-07-28 02:44 - 2015-07-31 16:30 - 00027044 _____ C:\Users\Jonas\Desktop\FRST.txt
2015-07-28 02:44 - 2015-07-28 02:46 - 00066421 _____ C:\Users\Jonas\Desktop\Addition.txt
2015-07-28 02:43 - 2015-07-31 16:30 - 00000000 ____D C:\FRST
2015-07-28 02:37 - 2015-07-28 02:37 - 00000542 _____ C:\Users\Jonas\Desktop\defogger_disable.log
2015-07-28 02:37 - 2015-07-28 02:37 - 00000168 _____ C:\Users\Jonas\defogger_reenable
2015-07-28 02:35 - 2015-07-28 02:35 - 00050477 _____ C:\Users\Jonas\Desktop\Defogger.exe
2015-07-28 02:16 - 2015-07-28 02:16 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Jonas\Downloads\tdsskiller.exe
2015-07-28 01:45 - 2015-07-28 01:45 - 00000756 _____ C:\Users\Jonas\Downloads\OCE_Network_Diagnostic.zip
2015-07-26 21:32 - 2015-07-31 16:03 - 00003268 _____ C:\windows\setupact.log
2015-07-26 21:32 - 2015-07-26 21:32 - 00000000 _____ C:\windows\setuperr.log
2015-07-25 14:11 - 2015-07-25 14:12 - 06609608 _____ (Piriform Ltd) C:\Users\Jonas\Downloads\ccsetup508.exe
2015-07-25 13:51 - 2015-07-25 13:52 - 01010176 _____ C:\Users\Jonas\Downloads\MicrosoftFixit50884.msi
2015-07-25 13:28 - 2015-07-25 13:30 - 174160152 _____ (Microsoft Corporation) C:\Users\Jonas\Downloads\msert.exe
2015-07-21 19:44 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2015-07-21 19:44 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-07-21 19:44 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2015-07-21 19:44 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2015-07-21 19:44 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2015-07-21 19:44 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2015-07-21 19:44 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2015-07-21 19:44 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2015-07-21 19:44 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-07-21 19:44 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2015-07-15 14:10 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-07-15 14:10 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-07-15 14:10 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-07-15 14:10 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-07-15 14:10 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-07-15 14:10 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-07-15 14:10 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-07-15 14:10 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-07-15 14:10 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-07-15 14:10 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-07-15 14:10 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-07-15 14:10 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-07-15 14:10 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-07-15 14:10 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-07-15 14:10 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2015-07-15 14:10 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-07-15 14:10 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\windows\system32\cewmdm.dll
2015-07-15 14:10 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\windows\SysWOW64\cewmdm.dll
2015-07-15 14:09 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-07-15 14:09 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-07-15 14:09 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-07-15 14:09 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-07-15 14:09 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-07-15 14:09 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-07-15 14:09 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-07-15 14:09 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-07-15 14:09 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-07-15 14:09 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-07-15 14:09 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-07-15 14:09 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-07-15 14:09 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-07-15 14:09 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-07-15 14:09 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-07-15 14:09 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-07-15 14:09 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-07-15 14:09 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2015-07-15 14:09 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2015-07-15 14:09 - 2015-06-09 20:03 - 03180544 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2015-07-15 14:09 - 2015-06-09 20:03 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2015-07-15 14:07 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-07-15 14:07 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-07-15 14:07 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-07-15 14:07 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-07-15 14:07 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-07-15 14:07 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-07-15 14:07 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-07-15 14:07 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-07-15 14:07 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-07-15 14:07 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-07-15 14:07 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-07-15 14:07 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-07-15 14:07 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-07-15 14:07 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-07-15 14:07 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-07-15 14:07 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 14:07 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-07-15 14:07 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-07-15 14:07 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-07-15 14:07 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-07-15 14:07 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-07-15 14:07 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-07-15 14:07 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-07-15 14:07 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-07-15 14:07 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-07-15 14:07 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-07-15 14:07 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-07-15 14:07 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-07-15 14:07 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-07-15 14:07 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-07-15 14:07 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-07-15 14:07 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-07-15 14:07 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-07-15 14:07 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-07-15 14:07 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-07-15 14:07 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 14:07 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-07-15 14:07 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-07-15 14:07 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-07-15 14:07 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-07-15 14:07 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-07-15 14:07 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-07-15 14:07 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-07-15 14:07 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-07-15 14:07 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-07-15 14:07 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2015-07-15 14:07 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2015-07-15 14:07 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2015-07-15 14:07 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2015-07-15 14:07 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2015-07-15 14:07 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2015-07-15 14:07 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2015-07-15 14:06 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2015-07-15 14:06 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2015-07-15 14:06 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-07-15 14:06 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-07-15 14:06 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-07-15 14:06 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2015-07-15 14:06 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-07-15 14:06 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-07-15 14:06 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-07-15 14:06 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-07-15 14:06 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-07-15 14:06 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-07-15 14:06 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-07-15 14:06 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-07-15 14:06 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-07-15 14:06 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2015-07-15 14:06 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-07-15 14:06 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-07-15 14:06 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-07-15 14:06 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-07-15 14:06 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-07-15 14:06 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-07-15 14:06 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-07-15 14:06 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-07-15 14:06 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-07-15 14:06 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-07-15 14:06 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-07-15 14:06 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-07-15 14:06 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2015-07-15 14:06 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-07-15 14:06 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-07-15 14:06 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2015-07-15 14:06 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-07-15 14:06 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-07-15 14:06 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-07-15 14:06 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-07-15 14:06 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-07-15 14:06 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2015-07-15 14:06 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2015-07-15 14:06 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2015-07-15 14:06 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2015-07-15 14:06 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2015-07-15 14:06 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2015-07-15 14:06 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2015-07-15 14:06 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2015-07-15 14:06 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
2015-07-15 14:06 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2015-07-15 14:06 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2015-07-15 14:06 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2015-07-15 14:06 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
2015-07-15 14:06 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\msimsg.dll
2015-07-15 14:06 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msimsg.dll
2015-07-15 14:06 - 2015-06-11 19:57 - 06131200 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2015-07-15 14:06 - 2015-06-11 19:57 - 00856064 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll
2015-07-15 14:06 - 2015-06-11 19:57 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2015-07-15 14:06 - 2015-06-11 19:56 - 07077376 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2015-07-15 14:06 - 2015-06-11 19:56 - 01057792 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2015-07-15 14:06 - 2015-06-11 19:56 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2015-07-15 14:06 - 2015-06-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2015-07-14 00:30 - 2015-07-14 00:31 - 06565736 _____ (Piriform Ltd) C:\Users\Jonas\Downloads\ccsetup507.exe
2015-07-10 19:28 - 2015-07-28 14:07 - 00000000 ____D C:\$Windows.~BT
2015-07-07 13:21 - 2015-07-07 13:24 - 00000000 ____D C:\Users\Jonas\AppData\Roaming\HTC
2015-07-07 13:20 - 2015-07-31 16:03 - 00000000 ____D C:\Users\Jonas\AppData\Local\HTC MediaHub
2015-07-07 13:20 - 2015-07-07 13:21 - 00000000 ____D C:\Users\Jonas\Documents\HTC
2015-07-07 13:20 - 2015-07-07 13:20 - 00000000 ____D C:\Users\Jonas\.android
2015-07-07 13:19 - 2015-07-07 13:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
2015-07-07 13:19 - 2015-07-07 13:19 - 00000000 ____D C:\Program Files (x86)\Spirent Communications
2015-07-07 13:17 - 2015-07-07 13:19 - 00000000 ____D C:\Program Files (x86)\HTC
2015-07-07 13:17 - 2015-07-07 13:17 - 00000000 ____D C:\ProgramData\HTC
2015-07-05 19:00 - 2015-07-05 19:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-07-05 19:00 - 2015-07-05 19:00 - 00000000 ____D C:\Program Files (x86)\QuickTime
2015-07-01 00:44 - 2015-07-01 00:45 - 01198368 _____ C:\Users\Jonas\Downloads\Fast IP Changer - CHIP-Installer.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-07-31 16:16 - 2010-12-24 22:52 - 00001110 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-31 16:14 - 2015-06-27 13:00 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-07-31 16:12 - 2009-07-14 06:45 - 00022752 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-31 16:12 - 2009-07-14 06:45 - 00022752 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-31 16:11 - 2015-05-22 02:43 - 00000000 ____D C:\Users\Jonas\AppData\Local\Spotify
2015-07-31 16:09 - 2015-05-22 02:43 - 00000000 ____D C:\Users\Jonas\AppData\Roaming\Spotify
2015-07-31 16:08 - 2010-07-12 11:03 - 01898319 _____ C:\windows\WindowsUpdate.log
2015-07-31 16:02 - 2015-02-22 15:31 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-07-31 16:02 - 2010-12-24 22:52 - 00001106 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-31 16:01 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-07-31 15:28 - 2009-07-14 05:20 - 00000000 __RSD C:\windows\Media
2015-07-30 12:57 - 2009-07-14 07:09 - 00000000 ____D C:\windows\System32\Tasks\WPD
2015-07-30 12:49 - 2009-07-14 04:34 - 00000215 _____ C:\windows\system.ini
2015-07-30 00:17 - 2013-04-03 11:53 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-30 00:16 - 2014-02-21 21:06 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-07-30 00:16 - 2010-07-12 11:01 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-07-30 00:16 - 2009-07-14 05:20 - 00000000 ____D C:\windows\Help
2015-07-29 15:57 - 2013-02-16 15:21 - 00000000 ____D C:\Users\Jonas\Desktop\mbar
2015-07-29 03:50 - 2010-12-25 00:01 - 00000000 ____D C:\Users\Jonas\AppData\Roaming\Skype
2015-07-29 03:00 - 2014-05-06 18:49 - 00000000 ___SD C:\windows\system32\CompatTel
2015-07-29 01:18 - 2011-12-11 18:09 - 00000000 ____D C:\Users\Jonas\AppData\Roaming\TS3Client
2015-07-28 23:47 - 2015-04-03 10:27 - 00168280 _____ C:\Users\Julia\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-28 23:46 - 2015-04-03 10:24 - 00002247 _____ C:\Users\Julia\Desktop\Google Chrome.lnk
2015-07-28 22:47 - 2014-01-28 18:05 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-07-28 15:42 - 2015-04-09 00:55 - 00000000 ___SD C:\windows\system32\GWX
2015-07-28 14:29 - 2009-08-02 04:27 - 00000000 ____D C:\windows\Panther
2015-07-28 02:37 - 2010-12-24 21:43 - 00000000 ____D C:\Users\Jonas
2015-07-28 02:18 - 2010-07-13 03:33 - 00770282 _____ C:\windows\system32\perfh007.dat
2015-07-28 02:18 - 2010-07-13 03:33 - 00174568 _____ C:\windows\system32\perfc007.dat
2015-07-28 02:18 - 2009-07-14 07:13 - 01797760 _____ C:\windows\system32\PerfStringBackup.INI
2015-07-25 14:12 - 2013-11-17 01:37 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-07-25 14:12 - 2013-11-17 01:37 - 00000000 ____D C:\Program Files\CCleaner
2015-07-23 12:06 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache
2015-07-23 01:35 - 2013-11-17 01:40 - 00001666 _____ C:\Users\Jonas\Documents\cc_20131117_004025.reg
2015-07-22 13:20 - 2009-07-14 06:45 - 00558672 _____ C:\windows\system32\FNTCACHE.DAT
2015-07-16 04:21 - 2015-04-09 00:55 - 00000000 ___SD C:\windows\SysWOW64\GWX
2015-07-16 04:21 - 2014-12-11 23:04 - 00000000 ____D C:\windows\system32\appraiser
2015-07-16 04:21 - 2009-07-14 05:20 - 00000000 ____D C:\windows\PolicyDefinitions
2015-07-16 03:11 - 2013-08-14 22:03 - 00000000 ____D C:\windows\system32\MRT
2015-07-16 02:11 - 2010-12-24 22:52 - 00004106 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-16 02:11 - 2010-12-24 22:52 - 00003854 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-16 00:46 - 2010-07-12 11:18 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-16 00:46 - 2010-07-12 11:17 - 00000000 ____D C:\ProgramData\Skype
2015-07-15 17:40 - 2014-04-28 16:49 - 00000000 ____D C:\Users\Jonas\Desktop\Musik_Mashups und Co
2015-07-14 20:15 - 2015-06-27 13:00 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-07-14 20:15 - 2012-04-16 12:49 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-07-14 20:15 - 2011-05-16 16:32 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-14 00:01 - 2014-09-21 20:19 - 00000000 ____D C:\Users\Jonas\Desktop\FHW
2015-07-11 03:25 - 2011-01-05 21:49 - 00003788 _____ C:\windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2015-07-10 16:25 - 2013-11-22 18:12 - 00000000 ___RD C:\Users\Jonas\Dropbox
2015-07-10 15:04 - 2013-11-22 18:10 - 00000000 ____D C:\Users\Jonas\AppData\Roaming\Dropbox
2015-07-10 04:31 - 2014-06-26 22:52 - 00032768 _____ C:\windows\system32\persistent_q.db-shm
2015-07-10 04:31 - 2014-06-26 22:52 - 00003072 _____ C:\windows\system32\persistent_q.db
2015-07-07 17:27 - 2013-04-29 16:27 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-07 13:20 - 2011-01-07 13:54 - 00000000 ____D C:\Users\Jonas\AppData\Roaming\Apple Computer
2015-07-07 13:20 - 2011-01-07 13:54 - 00000000 ____D C:\Users\Jonas\AppData\Local\Apple Computer
2015-07-07 13:20 - 2010-12-24 21:50 - 00168280 _____ C:\Users\Jonas\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-07 13:18 - 2011-08-23 16:46 - 00000000 ____D C:\Users\Jonas\AppData\Local\Downloaded Installations
2015-07-07 13:17 - 2013-04-02 13:35 - 00000000 ____D C:\temp
2015-07-06 21:31 - 2011-01-28 20:50 - 00000000 ___RD C:\Users\Jonas\Desktop\Sonstiges
2015-07-06 21:29 - 2012-07-16 22:56 - 00000000 ____D C:\Users\Jonas\Desktop\Bilder
2015-07-05 19:08 - 2015-04-10 12:58 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-07-05 02:35 - 2012-10-21 15:47 - 00000000 ____D C:\Users\Jonas\AppData\Roaming\vlc
2015-07-03 12:58 - 2014-10-22 21:13 - 00225976 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klhk.sys
2015-07-03 08:43 - 2010-12-27 23:08 - 130333168 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2006-12-11 19:13 - 2006-12-11 19:13 - 0097336 _____ (Un4seen Developments) C:\Users\Jonas\AppData\Local\bass.dll
2006-12-11 19:13 - 2006-12-11 19:13 - 0013872 _____ (Un4seen Developments) C:\Users\Jonas\AppData\Local\basscd.dll
2007-08-13 17:46 - 2007-08-13 17:46 - 0102912 _____ (Albert L Faber) C:\Users\Jonas\AppData\Local\CDRip.dll
2011-04-17 20:21 - 2013-10-23 18:49 - 0006656 _____ () C:\Users\Jonas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2007-01-18 21:09 - 2007-01-18 21:09 - 0623616 _____ (Ivan Bischof ©2003 - 2005) C:\Users\Jonas\AppData\Local\No23 Recorder.exe
2011-07-25 12:23 - 2015-06-21 19:38 - 0001483 _____ () C:\Users\Jonas\AppData\Local\RecConfig.xml
2012-02-21 19:42 - 2012-02-21 19:42 - 0017408 _____ () C:\Users\Jonas\AppData\Local\WebpageIcons.db
2010-12-24 21:45 - 2010-01-16 08:15 - 0131368 _____ () C:\ProgramData\FullRemove.exe
2010-07-12 11:14 - 2010-07-12 11:14 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2010-07-12 11:12 - 2010-07-12 11:13 - 0000106 _____ () C:\ProgramData\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}.log
2010-07-12 11:08 - 2010-07-12 11:09 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-07-12 11:13 - 2010-07-12 11:13 - 0000110 _____ () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log
2010-07-12 11:07 - 2010-07-12 11:08 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2010-07-12 11:09 - 2010-07-12 11:12 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log

Einige Dateien in TEMP:
====================
C:\Users\Jonas\AppData\Local\Temp\Quarantine.exe
C:\Users\Jonas\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\System32\winlogon.exe => Datei ist digital signiert
C:\Windows\System32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\System32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\System32\services.exe => Datei ist digital signiert
C:\Windows\System32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\System32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\System32\rpcss.dll => Datei ist digital signiert
C:\Windows\System32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-07-23 02:06

==================== Ende von log ============================

schrauber · 01.08.2015, 12:32

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

J3T · 02.08.2015, 13:58

ESET:

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=b3b32ef36e962647889e5baeccd378ec
# end=init
# utc_time=2015-08-01 04:28:03
# local_time=2015-08-01 06:28:03 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 25082
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=b3b32ef36e962647889e5baeccd378ec
# end=updated
# utc_time=2015-08-01 04:29:54
# local_time=2015-08-01 06:29:54 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=b3b32ef36e962647889e5baeccd378ec
# engine=25082
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-08-01 06:32:41
# local_time=2015-08-01 08:32:41 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1302 16777213 100 100 94047 66032791 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 101317 190083811 0 0
# scanned=246669
# found=1
# cleaned=0
# scan_time=7367
sh=359D977D432E4F90FE627B2717144AE873990AC4 ft=1 fh=63c7b0ee3e7f229d vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\DVDVideoSoftTB.exe.vir"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=b3b32ef36e962647889e5baeccd378ec
# end=init
# utc_time=2015-08-01 06:33:37
# local_time=2015-08-01 08:33:37 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 25085
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=b3b32ef36e962647889e5baeccd378ec
# end=updated
# utc_time=2015-08-01 06:34:25
# local_time=2015-08-01 08:34:25 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=b3b32ef36e962647889e5baeccd378ec
# engine=25085
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-08-01 11:03:05
# local_time=2015-08-02 01:03:05 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1302 16777213 100 100 110271 66049015 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 16690 190100035 0 0
# scanned=494621
# found=2
# cleaned=0
# scan_time=16119
sh=359D977D432E4F90FE627B2717144AE873990AC4 ft=1 fh=63c7b0ee3e7f229d vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\DVDVideoSoftTB.exe.vir"
sh=8C32EA90EFF3EA18702FAB6F7A56B4794F4503C2 ft=1 fh=d0b3ab8521a47c45 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Jonas\Downloads\Fast IP Changer - CHIP-Installer.exe"

Security Check:

Code:

ATTFilter

 Results of screen317's Security Check version 1.006  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Kaspersky Internet Security   
 Antivirus out of date!  
`````````Anti-malware/Other Utilities Check:````````` 
 TuneUp Utilities 2011   
 TuneUp Utilities Language Pack (de-DE) 
 Java(TM) 6 Update 22  
 Java 7 Update 71  
 Visual Studio Extensions for Windows Library for JavaScript 
 Java version 32-bit out of Date! 
 Adobe Flash Player 18.0.0.209  
 Adobe Reader XI  
 Mozilla Firefox 36.0.1 Firefox out of Date!  
 Google Chrome (44.0.2403.107) 
 Google Chrome (44.0.2403.125) 
````````Process Check: objlist.exe by Laurent````````  
 Kaspersky Lab Kaspersky Internet Security 15.0.2 avp.exe  
 Kaspersky Lab Kaspersky Internet Security 15.0.2 avpui.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

und eine neue FRST:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:02-08-2015
durchgeführt von Jonas (Administrator) auf JONAS-PC (02-08-2015 13:49:21)
Gestartet von C:\Users\Jonas\Desktop\FRST-OlderVersion
Geladene Profile: Jonas (Verfügbare Profile: Jonas & Julia & DefaultAppPool)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avpui.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
() C:\Users\Jonas\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Spotify Ltd) C:\Users\Jonas\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\SysWOW64\Rezip.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesApp64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\CompatTel\QueryAppBlock.exe


==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2074408 2010-02-26] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-29] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe [210216 2010-01-11] (CyberLink Corp.)
HKLM-x32\...\Run: [NortonOnlineBackup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1112920 2010-03-05] (Symantec Corporation)
HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [58656 2011-04-20] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-04-03] (DivX, LLC)
HKU\S-1-5-21-2917951037-2729683539-371938882-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-2917951037-2729683539-371938882-1001\...\Run: [Amazon Music] => C:\Users\Jonas\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] ()
HKU\S-1-5-21-2917951037-2729683539-371938882-1001\...\Run: [icq] => C:\Users\Jonas\AppData\Roaming\ICQM\icq.exe [36705800 2015-01-23] (ICQ)
HKU\S-1-5-21-2917951037-2729683539-371938882-1001\...\Run: [Spotify Web Helper] => C:\Users\Jonas\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017848 2015-07-24] (Spotify Ltd)
HKU\S-1-5-21-2917951037-2729683539-371938882-1001\...\Run: [Spotify] => C:\Users\Jonas\AppData\Roaming\Spotify\Spotify.exe [7574584 2015-07-24] (Spotify Ltd)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2014-12-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2014-12-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2014-12-19] (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2917951037-2729683539-371938882-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2917951037-2729683539-371938882-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2917951037-2729683539-371938882-1001 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN_deDE411
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2014-12-19] (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2014-12-19] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2014-12-19] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2014-12-19] (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-09-26] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)
BHO-x32: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL [2014-12-19] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2014-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-09-26] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-2917951037-2729683539-371938882-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2014-12-18] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2014-12-19] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{85756C3D-F775-4D58-BAB3-ED1219199D92}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{D2C2A8AD-0813-4195-8EBC-EF4AAE2F45FA}: [NameServer] 8.8.4.4,8.8.8.8
Tcpip\..\Interfaces\{D8FE0184-4F0C-4D1C-83FA-2A727FA7F4EF}: [DhcpNameServer] 192.168.42.129

FireFox:
========
FF ProfilePath: C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default
FF Homepage: google.de|hxxp://www.giga.de/androidnews/
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-14] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-12-18] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-04-18] (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-09-26] (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-04-19] ()
FF Plugin-x32: @kaspersky.com/online_banking_08806E753BE44495B44E90AA2513BDC5 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-04-19] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-04-19] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-12-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2014-12-19] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-06-28] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2917951037-2729683539-371938882-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jonas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-08-27] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-07-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-07-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-07-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-07-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-07-05] (Apple Inc.)
FF SearchPlugin: C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\searchplugins\englische-ergebnisse.xml [2012-02-08]
FF SearchPlugin: C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\searchplugins\gmx-suche.xml [2012-02-08]
FF SearchPlugin: C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\searchplugins\kikin-search.xml [2011-01-28]
FF SearchPlugin: C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\searchplugins\lastminute.xml [2012-02-08]
FF SearchPlugin: C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\searchplugins\webde-suche.xml [2012-02-08]
FF Extension: ProxTube - C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\Extensions\ich@maltegoetz.de.xpi [2015-03-18]
FF Extension: Stylish - C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2011-08-09]
FF Extension: Adblock Plus - C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-03-30]
FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2012-12-12]
FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2012-12-12]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-12-12]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_663BE84DBCC949E88C7600F63CA7F098@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-04-19]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_07402848C2F6470194F131B0F3DE025E@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-04-19]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_08806E753BE44495B44E90AA2513BDC5@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-04-19]
FF Extension: Kein Name - C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\oqtfnwpw.default\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [nicht gefunden]

Chrome: 
=======
CHR Profile: C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-02-11]
CHR Extension: (YouTube) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-11]
CHR Extension: (Facebook) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2014-02-11]
CHR Extension: (Black & white theme) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmohofkmppcgglcmlccpbokkkefigipi [2015-04-02]
CHR Extension: (AdBlock) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-02-11]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-11]
CHR Extension: (ProxPrice) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nopgehbobniifpngnhmljfojnkkopbje [2014-05-16]
CHR Extension: (My Chrome Theme) - C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2014-02-11]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 AVP15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe [194000 2015-06-23] (Kaspersky Lab ZAO)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2015-01-02] ()
S3 BFE; . [0 2015-08-02] () <==== ACHTUNG (Null Byte Datei/Ordner)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-03] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [Datei ist nicht signiert]
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22768 2014-04-17] (Microsoft Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 MpsSvc; . [0 2015-08-02] () <==== ACHTUNG (Null Byte Datei/Ordner)
S2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2782552 2010-03-05] (Symantec Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [Datei ist nicht signiert]
R2 Rezip; C:\windows\SysWOW64\Rezip.exe [311296 2009-03-05] () [Datei ist nicht signiert]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [Datei ist nicht signiert]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2028864 2011-12-13] (TuneUp Software)
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87736 2014-04-30] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [247016 2015-06-23] (Kaspersky Lab UK Ltd)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-07-06] (DT Soft Ltd)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-24] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [64368 2015-06-24] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [159960 2015-06-23] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [225976 2015-07-03] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [850608 2015-06-23] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39280 2015-06-24] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [40304 2015-06-23] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [39280 2015-06-23] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [24944 2015-06-24] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-24] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [85360 2015-06-24] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [190648 2015-06-24] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 PVUSB; C:\Windows\System32\DRIVERS\CESG64.sys [63808 2007-02-19] (CASIO COMPUTER CO.,LTD.)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2010-08-11] (Windows (R) 2003 DDK 3790 provider)
R3 TotRec8; C:\windows\system32\drivers\TotRec8.sys [122960 2011-07-08] (High Criteria inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [11856 2010-11-29] (TuneUp Software)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [Datei ist nicht signiert]
S3 utmyntm5; C:\windows\SysWOW64\Drivers\utmyntm5.sys [7168 2015-04-24] () [Datei ist nicht signiert]
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys [X]
U4 wlcrasvc; "C:\Program Files\Windows Live\Mesh\wlcrasvc.exe"
S3 X6va010; \??\C:\windows\SysWOW64\Drivers\X6va010 [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-02 13:35 - 2015-08-02 13:35 - 00852684 _____ C:\Users\Jonas\Desktop\SecurityCheck.exe
2015-08-01 18:27 - 2015-08-01 18:27 - 00000000 ____D C:\Program Files (x86)\ESET
2015-08-01 18:26 - 2015-08-01 18:26 - 02870984 _____ (ESET) C:\Users\Jonas\Desktop\esetsmartinstaller_deu.exe
2015-07-31 16:29 - 2015-08-02 13:49 - 00000000 ____D C:\Users\Jonas\Desktop\FRST-OlderVersion
2015-07-31 16:26 - 2015-07-31 16:26 - 00018556 _____ C:\Users\Jonas\Desktop\JRT.txt
2015-07-31 16:11 - 2015-07-31 16:11 - 01798176 _____ (Malwarebytes Corporation) C:\Users\Jonas\Desktop\JRT.exe
2015-07-31 15:58 - 2015-07-31 16:00 - 00000000 ____D C:\AdwCleaner
2015-07-31 15:57 - 2015-07-31 15:57 - 02248704 _____ C:\Users\Jonas\Downloads\AdwCleaner_4.208.exe
2015-07-31 15:56 - 2015-07-31 15:56 - 00154085 _____ C:\Users\Jonas\Desktop\mbam.txt
2015-07-31 14:14 - 2015-07-31 14:16 - 00001102 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-07-31 14:14 - 2015-07-31 14:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-07-31 14:14 - 2015-07-31 14:16 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-07-31 14:14 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-07-31 14:14 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-07-31 14:13 - 2015-07-31 14:14 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Jonas\Downloads\mbam-setup-2.1.6.1022.exe
2015-07-30 12:56 - 2015-07-30 12:56 - 00045654 _____ C:\ComboFix.txt
2015-07-30 12:45 - 2015-07-31 16:01 - 00211420 _____ C:\windows\PFRO.log
2015-07-30 12:24 - 2015-07-30 12:57 - 00000000 ____D C:\Qoobox
2015-07-30 12:24 - 2015-07-30 12:54 - 00000000 ____D C:\windows\erdnt
2015-07-30 12:24 - 2011-06-26 08:45 - 00256000 _____ C:\windows\PEV.exe
2015-07-30 12:24 - 2010-11-07 19:20 - 00208896 _____ C:\windows\MBR.exe
2015-07-30 12:24 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2015-07-30 12:24 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2015-07-30 12:24 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2015-07-30 12:24 - 2000-08-31 02:00 - 00098816 _____ C:\windows\sed.exe
2015-07-30 12:24 - 2000-08-31 02:00 - 00080412 _____ C:\windows\grep.exe
2015-07-30 12:24 - 2000-08-31 02:00 - 00068096 _____ C:\windows\zip.exe
2015-07-30 12:22 - 2015-07-30 12:23 - 05633622 ____R (Swearware) C:\Users\Jonas\Desktop\ComboFix.exe
2015-07-30 00:17 - 2015-06-29 22:42 - 06783304 _____ (NVIDIA Corporation) C:\windows\system32\nvcpl.dll
2015-07-30 00:17 - 2015-06-29 22:42 - 03522192 _____ (NVIDIA Corporation) C:\windows\system32\nvsvc64.dll
2015-07-30 00:17 - 2015-06-29 22:42 - 02558792 _____ (NVIDIA Corporation) C:\windows\system32\nvsvcr.dll
2015-07-30 00:17 - 2015-06-29 22:42 - 00932040 _____ (NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
2015-07-30 00:17 - 2015-06-29 22:42 - 00385352 _____ (NVIDIA Corporation) C:\windows\system32\nvmctray.dll
2015-07-30 00:17 - 2015-06-29 22:42 - 00062792 _____ (NVIDIA Corporation) C:\windows\system32\nvshext.dll
2015-07-30 00:17 - 2015-06-29 13:02 - 04437364 _____ C:\windows\system32\nvcoproc.bin
2015-07-30 00:16 - 2015-06-30 00:53 - 00072904 _____ (Khronos Group) C:\windows\system32\OpenCL.dll
2015-07-30 00:16 - 2015-06-30 00:53 - 00060560 _____ (Khronos Group) C:\windows\SysWOW64\OpenCL.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 31514312 _____ (NVIDIA Corporation) C:\windows\system32\nvoglv64.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 24200336 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglv32.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 22992072 _____ (NVIDIA Corporation) C:\windows\system32\nvcompiler.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 18634264 _____ (NVIDIA Corporation) C:\windows\system32\nvwgf2umx.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 17559432 _____ (NVIDIA Corporation) C:\windows\system32\nvd3dumx.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 16128768 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvwgf2um.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 15294280 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcompiler.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 14497568 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvd3dum.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 13916600 _____ (NVIDIA Corporation) C:\windows\system32\nvopencl.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 13828032 _____ (NVIDIA Corporation) C:\windows\system32\nvcuda.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 12896400 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvlddmkm.sys
2015-07-30 00:14 - 2015-06-30 00:53 - 11272240 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvopencl.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 11209192 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuda.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 04245832 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvid.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 03986632 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvid.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 03209736 _____ (NVIDIA Corporation) C:\windows\system32\nvapi64.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 02823992 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvapi.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 01907400 _____ (NVIDIA Corporation) C:\windows\system32\nvdispco6434174.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 01557832 _____ (NVIDIA Corporation) C:\windows\system32\nvdispgenco6434174.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 00945480 _____ (NVIDIA Corporation) C:\windows\system32\NvIFR64.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 00907464 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFR.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 00903496 _____ (NVIDIA Corporation) C:\windows\system32\NvFBC64.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 00870032 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvFBC.dll
2015-07-30 00:14 - 2015-06-30 00:53 - 00026155 _____ C:\windows\system32\nvinfo.pb
2015-07-29 16:00 - 2015-07-29 16:00 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Jonas\Downloads\tdsskiller (1).exe
2015-07-29 13:13 - 2015-07-31 16:37 - 00113880 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-29 13:13 - 2015-07-31 14:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-29 13:13 - 2015-07-29 15:57 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-07-29 13:09 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-07-29 13:08 - 2015-07-29 13:09 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Jonas\Downloads\mbar-1.09.1.1004.exe
2015-07-29 13:05 - 2015-07-29 13:06 - 13786977 _____ C:\Users\Jonas\Downloads\mbar-1.01.0.1021.zip
2015-07-29 12:55 - 2015-07-29 12:55 - 00001264 _____ C:\Users\Jonas\Desktop\Revo Uninstaller.lnk
2015-07-29 12:55 - 2015-07-29 12:55 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-07-29 12:51 - 2015-07-29 12:51 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Jonas\Downloads\revosetup95.exe
2015-07-29 01:22 - 2015-07-29 01:22 - 00121713 _____ C:\Users\Jonas\Documents\nichts.wma
2015-07-28 23:51 - 2015-07-28 23:51 - 00000000 ____D C:\Users\Julia\AppData\Roaming\LolClient
2015-07-28 23:50 - 2015-07-28 23:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2015-07-28 23:49 - 2015-07-28 23:50 - 00000000 ____D C:\Users\Julia\AppData\Roaming\Riot Games
2015-07-28 23:48 - 2015-07-28 23:48 - 30668968 _____ (Riot Games) C:\Users\Julia\Downloads\LeagueofLegends_EUW_Installer_9_15_2014.exe
2015-07-28 22:48 - 2015-07-28 22:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-28 22:47 - 2015-07-28 22:48 - 00000000 ____D C:\Program Files\iTunes
2015-07-28 22:47 - 2015-07-28 22:47 - 00000000 ____D C:\Program Files\iPod
2015-07-28 22:47 - 2015-07-28 22:47 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-07-28 18:47 - 2015-07-28 18:47 - 00132010 _____ C:\Users\Jonas\Desktop\KP_WS_2015_16_I.xlsx
2015-07-28 13:09 - 2015-07-25 20:07 - 00017856 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2015-07-28 13:09 - 2015-07-25 20:04 - 00765440 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-07-28 13:09 - 2015-07-25 20:04 - 00726528 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-07-28 13:09 - 2015-07-25 20:03 - 01085440 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-07-28 13:09 - 2015-07-25 20:03 - 00433664 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-07-28 13:09 - 2015-07-25 20:03 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-07-28 13:09 - 2015-07-25 20:03 - 00067584 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-07-28 13:09 - 2015-07-25 19:55 - 01145856 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-07-28 03:25 - 2015-07-28 03:25 - 00035412 _____ C:\Users\Jonas\Desktop\LOG FILES.zip
2015-07-28 03:25 - 2015-07-28 03:12 - 00116864 _____ C:\Users\Jonas\Desktop\Gmer - Kopie.txt
2015-07-28 03:25 - 2015-07-28 02:46 - 00066421 _____ C:\Users\Jonas\Desktop\Addition - Kopie.txt
2015-07-28 03:25 - 2015-07-28 02:46 - 00063593 _____ C:\Users\Jonas\Desktop\FRST - Kopie.txt
2015-07-28 03:12 - 2015-07-28 03:12 - 00116864 _____ C:\Users\Jonas\Desktop\Gmer.txt
2015-07-28 02:53 - 2015-07-28 02:53 - 00000616 _____ C:\Users\Jonas\Desktop\wsetdrft.txt
2015-07-28 02:50 - 2015-07-28 02:50 - 00380416 _____ C:\Users\Jonas\Downloads\Gmer-19357.exe
2015-07-28 02:44 - 2015-07-31 16:32 - 00065999 _____ C:\Users\Jonas\Desktop\FRST.txt
2015-07-28 02:44 - 2015-07-28 02:46 - 00066421 _____ C:\Users\Jonas\Desktop\Addition.txt
2015-07-28 02:43 - 2015-08-02 13:49 - 00000000 ____D C:\FRST
2015-07-28 02:37 - 2015-07-28 02:37 - 00000542 _____ C:\Users\Jonas\Desktop\defogger_disable.log
2015-07-28 02:37 - 2015-07-28 02:37 - 00000168 _____ C:\Users\Jonas\defogger_reenable
2015-07-28 02:35 - 2015-07-28 02:35 - 00050477 _____ C:\Users\Jonas\Desktop\Defogger.exe
2015-07-28 02:16 - 2015-07-28 02:16 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Jonas\Downloads\tdsskiller.exe
2015-07-28 01:45 - 2015-07-28 01:45 - 00000756 _____ C:\Users\Jonas\Downloads\OCE_Network_Diagnostic.zip
2015-07-26 21:32 - 2015-08-01 19:08 - 00003604 _____ C:\windows\setupact.log
2015-07-26 21:32 - 2015-07-26 21:32 - 00000000 _____ C:\windows\setuperr.log
2015-07-25 14:11 - 2015-07-25 14:12 - 06609608 _____ (Piriform Ltd) C:\Users\Jonas\Downloads\ccsetup508.exe
2015-07-25 13:51 - 2015-07-25 13:52 - 01010176 _____ C:\Users\Jonas\Downloads\MicrosoftFixit50884.msi
2015-07-25 13:28 - 2015-07-25 13:30 - 174160152 _____ (Microsoft Corporation) C:\Users\Jonas\Downloads\msert.exe
2015-07-21 19:44 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2015-07-21 19:44 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-07-21 19:44 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2015-07-21 19:44 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2015-07-21 19:44 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2015-07-21 19:44 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2015-07-21 19:44 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2015-07-21 19:44 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2015-07-21 19:44 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-07-21 19:44 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2015-07-15 14:10 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-07-15 14:10 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-07-15 14:10 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-07-15 14:10 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-07-15 14:10 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-07-15 14:10 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-07-15 14:10 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-07-15 14:10 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-07-15 14:10 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-07-15 14:10 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-07-15 14:10 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-07-15 14:10 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-07-15 14:10 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-07-15 14:10 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-07-15 14:10 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2015-07-15 14:10 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-07-15 14:10 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\windows\system32\cewmdm.dll
2015-07-15 14:10 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\windows\SysWOW64\cewmdm.dll
2015-07-15 14:09 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-07-15 14:09 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-07-15 14:09 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-07-15 14:09 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-07-15 14:09 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-07-15 14:09 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-07-15 14:09 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-07-15 14:09 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-07-15 14:09 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-07-15 14:09 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-07-15 14:09 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-07-15 14:09 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-07-15 14:09 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-07-15 14:09 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-07-15 14:09 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-07-15 14:09 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-07-15 14:09 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-07-15 14:09 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2015-07-15 14:09 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2015-07-15 14:09 - 2015-06-09 20:03 - 03180544 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2015-07-15 14:09 - 2015-06-09 20:03 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2015-07-15 14:07 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-07-15 14:07 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-07-15 14:07 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-07-15 14:07 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-07-15 14:07 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-07-15 14:07 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-07-15 14:07 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-07-15 14:07 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-07-15 14:07 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-07-15 14:07 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-07-15 14:07 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-07-15 14:07 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-07-15 14:07 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-07-15 14:07 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-07-15 14:07 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-07-15 14:07 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 14:07 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-07-15 14:07 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-07-15 14:07 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-07-15 14:07 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-07-15 14:07 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-07-15 14:07 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-07-15 14:07 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-07-15 14:07 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-07-15 14:07 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-07-15 14:07 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-07-15 14:07 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-07-15 14:07 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-07-15 14:07 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-07-15 14:07 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-07-15 14:07 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-07-15 14:07 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-07-15 14:07 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-07-15 14:07 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-07-15 14:07 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-07-15 14:07 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 14:07 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-07-15 14:07 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-07-15 14:07 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-07-15 14:07 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-07-15 14:07 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-07-15 14:07 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-07-15 14:07 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-07-15 14:07 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-07-15 14:07 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-07-15 14:07 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2015-07-15 14:07 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2015-07-15 14:07 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2015-07-15 14:07 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2015-07-15 14:07 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2015-07-15 14:07 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2015-07-15 14:07 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2015-07-15 14:06 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2015-07-15 14:06 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2015-07-15 14:06 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-07-15 14:06 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-07-15 14:06 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-07-15 14:06 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2015-07-15 14:06 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-07-15 14:06 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-07-15 14:06 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-07-15 14:06 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-07-15 14:06 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-07-15 14:06 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-07-15 14:06 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-07-15 14:06 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-07-15 14:06 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-07-15 14:06 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2015-07-15 14:06 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-07-15 14:06 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-07-15 14:06 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-07-15 14:06 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-07-15 14:06 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-07-15 14:06 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-07-15 14:06 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-07-15 14:06 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-07-15 14:06 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-07-15 14:06 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-07-15 14:06 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-07-15 14:06 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-07-15 14:06 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2015-07-15 14:06 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-07-15 14:06 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-07-15 14:06 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2015-07-15 14:06 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-07-15 14:06 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-07-15 14:06 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-07-15 14:06 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-07-15 14:06 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-07-15 14:06 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2015-07-15 14:06 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2015-07-15 14:06 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2015-07-15 14:06 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2015-07-15 14:06 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2015-07-15 14:06 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2015-07-15 14:06 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2015-07-15 14:06 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2015-07-15 14:06 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
2015-07-15 14:06 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2015-07-15 14:06 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2015-07-15 14:06 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2015-07-15 14:06 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
2015-07-15 14:06 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\msimsg.dll
2015-07-15 14:06 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msimsg.dll
2015-07-15 14:06 - 2015-06-11 19:57 - 06131200 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2015-07-15 14:06 - 2015-06-11 19:57 - 00856064 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll
2015-07-15 14:06 - 2015-06-11 19:57 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2015-07-15 14:06 - 2015-06-11 19:56 - 07077376 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2015-07-15 14:06 - 2015-06-11 19:56 - 01057792 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2015-07-15 14:06 - 2015-06-11 19:56 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2015-07-15 14:06 - 2015-06-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2015-07-14 00:30 - 2015-07-14 00:31 - 06565736 _____ (Piriform Ltd) C:\Users\Jonas\Downloads\ccsetup507.exe
2015-07-10 19:28 - 2015-07-28 14:07 - 00000000 ____D C:\$Windows.~BT
2015-07-07 13:21 - 2015-07-07 13:24 - 00000000 ____D C:\Users\Jonas\AppData\Roaming\HTC
2015-07-07 13:20 - 2015-07-31 18:27 - 00000000 ____D C:\Users\Jonas\AppData\Local\HTC MediaHub
2015-07-07 13:20 - 2015-07-07 13:21 - 00000000 ____D C:\Users\Jonas\Documents\HTC
2015-07-07 13:20 - 2015-07-07 13:20 - 00000000 ____D C:\Users\Jonas\.android
2015-07-07 13:19 - 2015-07-07 13:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
2015-07-07 13:19 - 2015-07-07 13:19 - 00000000 ____D C:\Program Files (x86)\Spirent Communications
2015-07-07 13:17 - 2015-07-07 13:19 - 00000000 ____D C:\Program Files (x86)\HTC
2015-07-07 13:17 - 2015-07-07 13:17 - 00000000 ____D C:\ProgramData\HTC
2015-07-05 19:00 - 2015-07-05 19:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-07-05 19:00 - 2015-07-05 19:00 - 00000000 ____D C:\Program Files (x86)\QuickTime

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-02 13:43 - 2010-12-24 22:52 - 00001106 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-02 13:29 - 2015-06-27 13:00 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-08-02 13:29 - 2010-12-24 22:52 - 00001110 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-02 13:29 - 2010-07-12 11:03 - 01965204 _____ C:\windows\WindowsUpdate.log
2015-08-01 22:34 - 2009-07-14 06:45 - 00022752 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-01 22:34 - 2009-07-14 06:45 - 00022752 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-01 19:08 - 2015-05-22 02:43 - 00000000 ____D C:\Users\Jonas\AppData\Local\Spotify
2015-08-01 18:50 - 2015-05-22 02:43 - 00000000 ____D C:\Users\Jonas\AppData\Roaming\Spotify
2015-07-31 18:25 - 2015-02-22 15:31 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-07-31 18:25 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-07-31 15:28 - 2009-07-14 05:20 - 00000000 __RSD C:\windows\Media
2015-07-30 12:57 - 2009-07-14 07:09 - 00000000 ____D C:\windows\System32\Tasks\WPD
2015-07-30 12:49 - 2009-07-14 04:34 - 00000215 _____ C:\windows\system.ini
2015-07-30 00:17 - 2013-04-03 11:53 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-30 00:16 - 2014-02-21 21:06 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-07-30 00:16 - 2010-07-12 11:01 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-07-30 00:16 - 2009-07-14 05:20 - 00000000 ____D C:\windows\Help
2015-07-29 15:57 - 2013-02-16 15:21 - 00000000 ____D C:\Users\Jonas\Desktop\mbar
2015-07-29 03:50 - 2010-12-25 00:01 - 00000000 ____D C:\Users\Jonas\AppData\Roaming\Skype
2015-07-29 03:00 - 2014-05-06 18:49 - 00000000 ___SD C:\windows\system32\CompatTel
2015-07-29 01:18 - 2011-12-11 18:09 - 00000000 ____D C:\Users\Jonas\AppData\Roaming\TS3Client
2015-07-28 23:47 - 2015-04-03 10:27 - 00168280 _____ C:\Users\Julia\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-28 23:46 - 2015-04-03 10:24 - 00002247 _____ C:\Users\Julia\Desktop\Google Chrome.lnk
2015-07-28 22:47 - 2014-01-28 18:05 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-07-28 15:42 - 2015-04-09 00:55 - 00000000 ___SD C:\windows\system32\GWX
2015-07-28 14:29 - 2009-08-02 04:27 - 00000000 ____D C:\windows\Panther
2015-07-28 02:37 - 2010-12-24 21:43 - 00000000 ____D C:\Users\Jonas
2015-07-28 02:18 - 2010-07-13 03:33 - 00770282 _____ C:\windows\system32\perfh007.dat
2015-07-28 02:18 - 2010-07-13 03:33 - 00174568 _____ C:\windows\system32\perfc007.dat
2015-07-28 02:18 - 2009-07-14 07:13 - 01797760 _____ C:\windows\system32\PerfStringBackup.INI
2015-07-25 14:12 - 2013-11-17 01:37 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-07-25 14:12 - 2013-11-17 01:37 - 00000000 ____D C:\Program Files\CCleaner
2015-07-23 12:06 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache
2015-07-23 01:35 - 2013-11-17 01:40 - 00001666 _____ C:\Users\Jonas\Documents\cc_20131117_004025.reg
2015-07-22 13:20 - 2009-07-14 06:45 - 00558672 _____ C:\windows\system32\FNTCACHE.DAT
2015-07-16 04:21 - 2015-04-09 00:55 - 00000000 ___SD C:\windows\SysWOW64\GWX
2015-07-16 04:21 - 2014-12-11 23:04 - 00000000 ____D C:\windows\system32\appraiser
2015-07-16 04:21 - 2009-07-14 05:20 - 00000000 ____D C:\windows\PolicyDefinitions
2015-07-16 03:11 - 2013-08-14 22:03 - 00000000 ____D C:\windows\system32\MRT
2015-07-16 02:11 - 2010-12-24 22:52 - 00004106 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-16 02:11 - 2010-12-24 22:52 - 00003854 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-16 00:46 - 2010-07-12 11:18 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-16 00:46 - 2010-07-12 11:17 - 00000000 ____D C:\ProgramData\Skype
2015-07-15 17:40 - 2014-04-28 16:49 - 00000000 ____D C:\Users\Jonas\Desktop\Musik_Mashups und Co
2015-07-14 20:15 - 2015-06-27 13:00 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-07-14 20:15 - 2012-04-16 12:49 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-07-14 20:15 - 2011-05-16 16:32 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-14 00:01 - 2014-09-21 20:19 - 00000000 ____D C:\Users\Jonas\Desktop\FHW
2015-07-11 03:25 - 2011-01-05 21:49 - 00003788 _____ C:\windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2015-07-10 16:25 - 2013-11-22 18:12 - 00000000 ___RD C:\Users\Jonas\Dropbox
2015-07-10 15:04 - 2013-11-22 18:10 - 00000000 ____D C:\Users\Jonas\AppData\Roaming\Dropbox
2015-07-10 04:31 - 2014-06-26 22:52 - 00032768 _____ C:\windows\system32\persistent_q.db-shm
2015-07-10 04:31 - 2014-06-26 22:52 - 00003072 _____ C:\windows\system32\persistent_q.db
2015-07-07 17:27 - 2013-04-29 16:27 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-07 13:20 - 2011-01-07 13:54 - 00000000 ____D C:\Users\Jonas\AppData\Roaming\Apple Computer
2015-07-07 13:20 - 2011-01-07 13:54 - 00000000 ____D C:\Users\Jonas\AppData\Local\Apple Computer
2015-07-07 13:20 - 2010-12-24 21:50 - 00168280 _____ C:\Users\Jonas\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-07 13:18 - 2011-08-23 16:46 - 00000000 ____D C:\Users\Jonas\AppData\Local\Downloaded Installations
2015-07-07 13:17 - 2013-04-02 13:35 - 00000000 ____D C:\temp
2015-07-06 21:31 - 2011-01-28 20:50 - 00000000 ___RD C:\Users\Jonas\Desktop\Sonstiges
2015-07-06 21:29 - 2012-07-16 22:56 - 00000000 ____D C:\Users\Jonas\Desktop\Bilder
2015-07-05 19:08 - 2015-04-10 12:58 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-07-05 02:35 - 2012-10-21 15:47 - 00000000 ____D C:\Users\Jonas\AppData\Roaming\vlc
2015-07-03 12:58 - 2014-10-22 21:13 - 00225976 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klhk.sys
2015-07-03 08:43 - 2010-12-27 23:08 - 130333168 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2006-12-11 19:13 - 2006-12-11 19:13 - 0097336 _____ (Un4seen Developments) C:\Users\Jonas\AppData\Local\bass.dll
2006-12-11 19:13 - 2006-12-11 19:13 - 0013872 _____ (Un4seen Developments) C:\Users\Jonas\AppData\Local\basscd.dll
2007-08-13 17:46 - 2007-08-13 17:46 - 0102912 _____ (Albert L Faber) C:\Users\Jonas\AppData\Local\CDRip.dll
2011-04-17 20:21 - 2013-10-23 18:49 - 0006656 _____ () C:\Users\Jonas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2007-01-18 21:09 - 2007-01-18 21:09 - 0623616 _____ (Ivan Bischof ©2003 - 2005) C:\Users\Jonas\AppData\Local\No23 Recorder.exe
2011-07-25 12:23 - 2015-06-21 19:38 - 0001483 _____ () C:\Users\Jonas\AppData\Local\RecConfig.xml
2012-02-21 19:42 - 2012-02-21 19:42 - 0017408 _____ () C:\Users\Jonas\AppData\Local\WebpageIcons.db
2010-12-24 21:45 - 2010-01-16 08:15 - 0131368 _____ () C:\ProgramData\FullRemove.exe
2010-07-12 11:14 - 2010-07-12 11:14 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2010-07-12 11:12 - 2010-07-12 11:13 - 0000106 _____ () C:\ProgramData\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}.log
2010-07-12 11:08 - 2010-07-12 11:09 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-07-12 11:13 - 2010-07-12 11:13 - 0000110 _____ () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log
2010-07-12 11:07 - 2010-07-12 11:08 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2010-07-12 11:09 - 2010-07-12 11:12 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log

Einige Dateien in TEMP:
====================
C:\Users\Jonas\AppData\Local\Temp\Quarantine.exe
C:\Users\Jonas\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\System32\winlogon.exe => Datei ist digital signiert
C:\Windows\System32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\System32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\System32\services.exe => Datei ist digital signiert
C:\Windows\System32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\System32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\System32\rpcss.dll => Datei ist digital signiert
C:\Windows\System32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-07-23 02:06

==================== Ende von log ============================

Also Spiele wie z.B. League of Legends, die vorher von der Firewall blockiert waren gehen nun wieder. Vielen Dank schon einmal dafür

Allerdings kann ich an der Firewall selbst immer noch keine Einstellungen oder Ähnliches ändern da wird nun die Meldung angezeigt: "Einige von den Einstellungen können von der Windows- Firewall nicht geändert werden. Fehlercode: 0x80070005.
Und Kaspersky hat auch immer noch Probleme mit den nicht startenden Schutzkomponenten wie ganz oben genannt.
Trotzdem noch mal vielen Dank für alles bis jetzt